Dark Reading

Log4j: Getting From Stopgap Remedies to Long-Term Solutions

While the worst of Log4Shell may be behind us and much work remains, let's say "Well done" to the security engineers and managers who labored in the trenches in recent weeks. But if you thought the ...
Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
ZDNet

Security company offers Log4j 'vaccine' for systems that can't be updated immediately

It is freely available on GitHub and Cybereason said it "is a relatively simple fix that requires only basic Java skills to implement." "In short, the fix uses the vulnerability itself to set the flag ...