RT @brunoborges: #Log4J 2.16.0 is out.
Fully disables all JNDI related functionality, and removes the lookups feature.
Kudos to the team.…
This search query from @logzio is really useful if you use #elk #opensearch or @logzio https://x.com/logzio/status/1469407957649666050
RT @snyksec: On Dec. 10, the world was greeted by the notorious #Log4shell #vuln.
Tomorrow, learn what it is, how devs & orgs are affected…
RT @rdegges: The Log4j vulnerability and its impact on software supply chain security | Snyk https://buff.ly/3GE31i5 <— Awesome article w…
RT @marcioalm: Just added support to LDAP Serialized Payloads in the JNDI-Exploit-Kit. This attack path works in ANY java version as long…
If you are looking for help understanding if you are impacted by the #log4j #log4shell vulnerability and what to do about it if you are, this post from Snyk will give you all the info you need.
RT @yazicivo: 📢 CVE-2021-4104 Log4j 1.x vulnerability in JMS appender (requires privileged access to configuration) https://bugzilla.redhat.com/show_bug.cgi?id=2031667…
RT @BrianVerm: Sending a ton of love to the Apache #log4j maintainers. Maintaining this in your free time with limited resources and gettin…
RT @shai_mendel: #log4j event management options:
- Panic, weekend ruined, hard to understand if you actually fixed everything
- Wake up,…
RT @BrianVerm: Yesterday (Dec.10, 2021), a new critical vulnerability was disclosed for log4j, a very popular Java logging framework from t…
Hi, I’m Lee 👋. Senior Software Engineer at WireMock, Snyk Ambassador, Hacker of code. Appsec enthusiast. Runs Brighton Kotlin & Brighton JUG