Gizmodo

Log4j Vulnerabilities Are Piling Up as Companies Scramble to Patch

The gargantuan crisis spurred by log4j isn’t over yet—not even close. Over the past week, new vulnerabilities have been discovered in the unfortunate Apache logging library (whose ubiquitous ...
Threat Post

Third Log4J Bug Can Trigger DoS; Apache Issues Patch

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...
Gizmodo

FTC to Companies: Patch Log4j ASAP or Suffer Our Wrath

The Federal Trade Commission has a message for companies that aren’t taking the threat posed by log4j to heart: Patch up or lawyer up. Consider yourselves warned. By now, you’ve surely heard of the ...
CSOonline

Prioritizing and remediating vulnerabilities in the wake of Log4J and Microsoft’s Patch Tuesday blunder

Vulnerability disclosures often come in bunches, and unvetted patch updates can create their own problems. Here's how to assess and prioritize both. The past few weeks left IT professionals ...
Computer Weekly

After Log4j, December Patch Tuesday piles on the pressure

Microsoft released its monthly Patch Tuesday update as per its schedule on 14 November, and with security teams still assessing the fall-out from the Log4Shell Apache Log4j vulnerability ...