Security news that informs and inspires


13 results for tag Apache:

Critical-Severity Flaw in Apache Commons Text Library Fixed

Details about the severity and scope of the vulnerability are still emerging, including the detection of any examples of real-world applications using vulnerable configurations of the impacted library.


New Log4j Flaw Allows Remote Code Execution

The newer Log4j vulnerability (CVE-2021-45046) can allow remote code execution in some circumstances on macOS.

Log4j, Apache

Log4j Attacks Spread as State Actors Target Bug

State actors from China, Iran, North Korea and other countries are targeting the Log4j (CVE-2021-44228) flaw.

Log4j, Apache

Q&A: John Hammond

John Hammond of Huntress discusses the seriousness of the Apache Log4j vulnerability, the community response, and how attackers are exploiting it.

Log4j, Apache

Exploitation Attempts Ramp Up Against Critical Log4j Flaw

While a patch is available from the Apache Software Foundation, researchers say that numerous companies may need to wait until vendors push security updates out to their own products.

Apache, Java Exploit, Exploit Defense