Wahnsinn. #opensource #linux #log4j #itsec #exploits
"I am no hero" Unfassbar gut, lieber @br_data ! #br #bayerischerrundfunk

Linkempfehlung ARD Audiothek

https://www.ardaudiothek.de/episode/wild-wild-web-geschichten-aus-dem-internet/das-wichtigste-hobby-der-welt/br/14442077/

You can call yourself a senior programmer when you have at least one in your
life, told yourself: "I should have logged this."

Wait, didn't we fix this?

https://securityaffairs.com/163984/hacking/critical-apache-log4j2-flaw-still-threatens-global-finance.html

Remember two years ago? During the #log4j craze I received this demanding email requiring quick answers to where my open source projects used log4j:

https://daniel.haxx.se/blog/2022/01/24/logj4-security-inquiry-response-required/

Fehlende Upgrades: Mehr als jede dritte Anwendung mit Log4j ist angreifbar - Golem.de
https://glm.io/180220?n #Log4j

North Korean hackers using Log4J vulnerability in global campaign https://therecord.media/north-korean-hackers-using-log?utm_medium=email&_hsmi=286069862&utm_content=286068530&utm_source=hs_email

“Evaluate user input, JNDI. Or programmers will invent a worse way to do it, again.”

This Week in Security: Oracle Opera, Passkeys, and AirTag RFC - There’s a problem with Opera. No, not that kind of opera. The Oracle kind. Oracle ... - https://hackaday.com/2023/05/05/this-week-in-security-oracle-opera-passkeys-and-airtag-rfc/ #hackadaycolumns #securityhacks #airtag #oracle #log4j #news

#showerthoughts How concerned are folks over #log4J 1.x #vulnerabilities going unpatched in older software? I.E - If it's on your network are you concerned? #patching #java #dependencies