Orthogonality is a concept often used to describe modular and maintainable software, but it’s more easily understood by way of a case study. In this article, Jens Dietrich demystifies orthogonality ...

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...

Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December. No surprise here: The holidays ...

The White House is holding a meeting today with Apache, Google, Apple, Amazon, and other major tech organizations to discuss software security and open source tools. This comes in the wake of the ...

Cybersecurity giant Fortinet found that Log4j had nearly 50 times the activity volume compared to ProxyLogon based on peak 10-day average volume in the second half of 2021. The finding was part of the ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...

When developing Java applications, it is easy to get used to invoking logging on the provided logger via its log level-specific methods. For example, Log4j‘s Logger provides methods such as ...

Takeaway: Organizations of all types and sizes should actively manage exposure to loss due to the Log4j vulnerability. Doing so will not be easy. The Log4j program is present in so many applications ...

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

A critical flaw in widely used software has cybersecurity experts raising alarms and big companies racing to fix the issue. The vulnerability, which was reported late last week, is in Java-based ...