The Hacker News·4ySecond Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released
Apache Software Foundation pushes out new fix for Log4j logging utility. The previous patch for the recently disclosed Log4Shell exploit was deemed as "incomplete in certain non-default configurations" The latest update arrives as fallout from the flaw has resulted in a "true cyber pandemic"
DZone·4yTop 7 Web Development Languages To Use In 2022
Today, web development is seemingly a promising job. If you are a newcomer in this field, the nuisance here is where to start or which web development languages you should learn. This article from Designveloper will well equip you with fundamental knowledge so that you can choose the right language for future jobs.
Dev Genius·4yLog4Shell, as explained by metaphor and memes!
Log4Shell is a Remote Code Execution (“RCE”) vulnerability, which is OpSec speak for roughly “Anyone who can interact with a computer that has this vulnerability, even indirectly, can command that computer to do whatever they want it to do” This is like bad actors showing up in courtrooms and shouting out the key phrase to see if they compromise the stenographer.
The Hacker News·4yApache Log4j Vulnerability — Log4Shell — Widely Under Active Attack
Telemetry signs point to exploitation of the flaw nine days before it even came to light. Threat actors are weaponizing unpatched servers affected by the newly disclosed "Log4Shell" vulnerability. Threats such as Mirai and Muhstik are setting their sights on vulnerable systems to spread the infection.
Laravel·4yLog4j Vulnerability Update
Log4j is a Java library by Apache used to log debug messages within applications. The vast majority of servers provisioned by Forge will not be vulnerable. If you have manually installed applications such as ElasticSearch your server may be affected. To check if your server is affected, you can use a script such as log4j_checker_beta .
Cisco·4yLog4j Developer Response
A newly discovered zero-day vulnerability (CVE-2021-44228) in the Apache Log4j library. If exploited, the vulnerability allows attackers to gain full control of affected servers and your application. There are a few key things you can do as a developer to contain the threat.
