log4j vulnerability

Literally just heard about this an hour ago. Seems like it should have been bigger news story. Maybe I'm just out of it.
It was pretty big news from what I've seen.

Also, memes.
Last edited on
I scan the headlines of a major paper everyday, and today is the first time I saw anything. From the article I read it was discovered by the masses on December 9th. So I'm beginning to wonder if maybe I should be reading a different paper.

Looks like it just the news source I rely on, most new sources were writing about it on the 12th.
Last edited on
Those were some high quality log4j memes, I thank thee.
it was found on 20201209 apparently. So "only" a short time ago in human terms.
There have been plenty of news stories about it since. If you are into a position where you care about security beyond updating your scanner locally, you should subscribe to some feeds that keep you in the loop on this stuff as it happens, or if you just want to know. I don't know where to look for these anymore, but most major virus companies had a place you could subscribe to alerts and such, and I think microsoft has one as well (?).

maybe try this one? https://www.cisa.gov/uscert/ncas/bulletins

The problem with news stories is the journalists largely don't understand the words nor do they care to (this is across the board, journalism is all but dead right now). So most of the news is garbled and all you really get is "you could get hacked" from their stories. Here again, if you care, you need to proactively seek out an informed source that has coherent facts.
Last edited on
Computerphile has an episode about the recent Log4j vulnerability:
Last edited on
Tried watching that Computerphile thing a while ago, way too dry. One of them just keeps stuttering every .1 seconds.
Topic archived. No new replies allowed.