InfoWorld

Log4j orthogonality by example

Orthogonality is a concept often used to describe modular and maintainable software, but it’s more easily understood by way of a case study. In this article, Jens Dietrich demystifies orthogonality ...
InfoWorld

Write custom appenders for log4j

statements, however. The logging system can add contextual information—filename, line number, and date, for example—to the message automatically. You can redirect the messages to different ...
Threat Post

Third Log4J Bug Can Trigger DoS; Apache Issues Patch

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...
Financial Post

Apache issues fifth patch this month to close another bug in Log4j

More than one security researcher predicted the Log4j/Log4Shell vulnerabilities discovered before Christmas won’t be the last. Apache has issued another security update for the logging library that ...
CSOonline

Prioritizing and remediating vulnerabilities in the wake of Log4J and Microsoft’s Patch Tuesday blunder

Vulnerability disclosures often come in bunches, and unvetted patch updates can create their own problems. Here's how to assess and prioritize both. The past few weeks left IT professionals ...
InfoQ

Log4j 2.6 Goes Garbage-Free

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Sophie Koonin discusses the realities of ...
Dark Reading

Log4j Attack Surface Remains Massive

Attackers who want to exploit the critical remote code execution vulnerability disclosed in the Apache Log4j logging tool over four months ago still have a vast array of targets to go after. In a ...