Orthogonality is a concept often used to describe modular and maintainable software, but it’s more easily understood by way of a case study. In this article, Jens Dietrich demystifies orthogonality ...

The vulnerability allows remote code execution on servers, including those operated by Apple, Twitter, Valve, Tencent, and other major service providers. I've been writing about tech, including ...

The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.” An excruciating, easily exploited ...

The company also warns that cybercriminal groups are exploiting the flaw, likely to launch ransomware attacks. The critical Apache Log4j 2 vulnerability is paving the way for state-sponsored hackers ...

After nearly two years of adopting major network and security changes wrought by COVID-19 and hybrid work, weary IT network and security teams didn’t need another big issue to take care of, but they ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most recent ...

Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell,' the vulnerability has already set the internet on fire. Log4j usage is rampant among many software products and multiple ...

Cybersecurity company CrowdStrike has discovered an attempt by a China-based group to infiltrate an academic institution through the Log4j vulnerability. CrowdStrike called the group "Aquatic Panda" ...

Vulnerable Log4j code can be found in products from some of the most prominent technology vendors like Cisco, IBM, and VMware, and as well as one serving the MSP community like ConnectWise and N-able.

The big news this week is Log4j, breaking just a few hours too late to be included in last week’s column. Folks are already asking if this is the most severe vulnerability ever, and it does look like ...