Docker Self-Study and Log4Shell sample vulnerable application (CVE-2021-44228) This repository contains a Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell. It is meant as ...

This is a fork from marcourbano's repo but with a clearer explanation on setting it up and using an ubuntu server hosting a website and a backend admin page that runs a vulnerable java application ...

On December 9, 2021, a critical zero-day vulnerability affecting Apache’s Log4j2 library, a Java-based logging utility, was disclosed to the world and broke the internet. As the third most used ...

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to ...

Imagine the scene: a severe vulnerability emerges that affects organisations worldwide, allowing unauthorised access to highly sensitive data. This scenario happened in late 2021 when a popular open ...

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily exploited and ...

The CVE-2022-42889 that was dubbed as Text4Shell or ACT4Shell created a lot of noise on social media when it was published (on October 13th), mainly because of the comparison to Log4Shell. For those ...

Log4Shell hit the market hard at the end of 2021. According to a recent story we published, it’s still one of the biggest vulnerabilities, 18 months after it initially appeared. How serious is the ...

The Log4Shell anniversary is here. It has been a year since the initial discovery and publication of Log4Shell (CVE-2021-44228), which was without a doubt one of the most meaningful vulnerabilities in ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of ...