史诗级的漏洞CVE-2021-44228爆发以来，各安全厂商提供了各种漏洞检测工具，也提供了各种漏洞修复方案。但是在修复过程中遇到无尽的坑，比如更新版本需要重启服务也不见得那么方便，改代码需要一定周期，临时修复方法错误(系统环境变量未生效)，Log4j 2.0-2.10 ...

IT之家 1 月 12 日消息，网络安全公司 Check Point Research 近日发布了 2021 年安全报告，2021 年每周对企业网络的总体攻击增加了 50%。 报告称，在全世界互联网上最严重的漏洞之一（每小时有数百万次攻击试图利用 Log4J 漏洞）不到一个月后，2021 年就网络安全而言是 ...

Takeaway: Organizations of all types and sizes should actively manage exposure to loss due to the Log4j vulnerability. Doing so will not be easy. The Log4j program is present in so many applications ...

近日，Apache Log4j 漏洞再次曝光3个高危漏洞，评级均在高危以上。 自2021年12月7日公开，Apache Log4j 漏洞被认为是“2021年最重要的安全威胁之一”，称它为“核弹级”漏洞真的不是夸张。该漏洞被披露已有1个多月时间，我们一起来回顾下，这场“核爆炸”究竟带来 ...

It feels like the world has a lot of Pandora's boxes open at once right now. Last week another crisis came into view with disclosure of a vulnerability in the widely used open source Apache logging ...

The White House is holding a meeting today with Apache, Google, Apple, Amazon, and other major tech organizations to discuss software security and open source tools. This comes in the wake of the ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Jen Easterly, director of the Cybersecurity and Infrastructure Security ...

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours? Yesterday the Apache Foundation released an emergency ...

What some call the worst cybersecurity catastrophe of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. The internet has a ...