腾讯网

最近让互联网「着火」的 Log4Shell 漏洞到底是什么?

如果你多少关注信息安全资讯,或许在最近几天已经频繁听到 Log4Shell 这个漏洞的名字——或者一些更具传播性的说法,诸如「互联网正在着火」「过去十年最严重的漏洞」「现代计算机历史上最大漏洞」「难以想到哪家公司不受影响」之类(参见《洛杉矶时报 ...
腾讯网

用一段故事,理解让大厂纷纷沦陷的 Log4Shell 漏洞

「互联网正在着火」? 如果你多少关注信息安全资讯,或许在最近几天已经频繁听到Log4Shell这个漏洞的名字——或者一些更具传播性的说法,诸如「互联网正在着火」「过去十年最严重的漏洞」「现代计算机历史上最大漏洞」「难以想到哪家公司不受影响」之类 ...
TechCrunch

Study: 30% of Log4Shell instances remain unpatched

On December 9, 2021, a critical zero-day vulnerability affecting Apache’s Log4j2 library, a Java-based logging utility, was disclosed to the world and broke the internet. As the third most used ...
36氪

曾影响全球网络系统的Log4Shell,到底是何方神圣?

Log4Shell就是一名间谍。 神译局是36氪旗下编译团队,关注科技、商业、职场、生活等领域,重点介绍国外的新技术、新观点、新风向。 编者按:日志很受欢迎,但是用来创建日志的超级通用工具包Log4Shell(普遍称为“Log4J”)可不是个意志坚定的家伙,只要它 ...
36氪

最近让互联网「着火」的 Log4Shell 漏洞到底是什么?

如果你多少关注信息安全资讯,或许在最近几天已经频繁听到 Log4Shell 这个漏洞的名字。 如果你多少关注信息安全资讯,或许在最近几天已经频繁听到 Log4Shell 这个漏洞的名字——或者一些更具传播性的说法,诸如「互联网正在着火」「过去十年最严重的漏洞」 ...
TechCrunch

The race is on to patch Log4Shell, the bug that’s breaking the internet

Security teams around the globe are scrambling to fix Log4Shell, a critical security flaw in Log4j, an open source logging software that’s found practically everywhere from online games to enterprise ...
ZDNet

Log4Shell flaw: Still being used for crypto mining, botnet building... and Rickrolls

Log4Shell, the critical bug in Apache's widely used Log4j project, hasn't triggered the disaster that was feared, but it's still being exploited and predominantly from cloud computers in the US. The ...
Wired

The Log4J Vulnerability Will Haunt the Internet for Years

A vulnerability in the open source Apache logging library Log4j sent system administrators and security professionals scrambling over the weekend. Known as Log4Shell, the flaw is exposing some of the ...
VentureBeat

Spring Core vulnerability doesn’t seem to be Log4Shell all over again

A newly disclosed remote code execution vulnerability in Spring Core, a widely used Java framework, does not appear to represent a Log4Shell-level threat. Security researchers at several organizations ...
Computer Weekly

Log4Shell: How friendly hackers rose to the challenge

Imagine the scene: a severe vulnerability emerges that affects organisations worldwide, allowing unauthorised access to highly sensitive data. This scenario happened in late 2021 when a popular open ...
TechRepublic

Log4Shell: Still out there, still dangerous, and how to protect your systems

Log4Shell: Still out there, still dangerous, and how to protect your systems Your email has been sent Barracuda researchers have noticed a steady stream of attacks ...
Graham Cluley

Log4Shell: The race is on to fix millions of systems and internet-connected devices

Everyone is talking about Log4Shell, a zero-day remote code execution exploit in versions of log4j, the popular open source Java logging library. In fact, I’ve ...