InfoWorld

Dynamic Java Log Levels with JMX/LoggingMXBean, JConsole, VisualVM, and Groovy

package dustin.examples; import java.util.logging.Logger; import static java.lang.System.out; public class FickleLogging { private static Logger LOGGER = Logger ...
GIGAZINE

Why does the vulnerability 'Log4Shell (CVE-2021-44228)' found in Java's Log4j library have a major impact on the world?

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on December ...
InfoWorld

Add Logging at Class Load Time with Java Instrumentation

When you’re trying to analyze why a program failed, a very valuable piece of information is what the program was actually doing when it failed. In many cases, this can be determined with a stack trace ...
ZDNet

AWS's AI code reviewer now spots Log4Shell-like bugs in Java and Python code

Amazon Web Services (AWS) has updated the 'detectors' in its CodeGuru Reviewer tool to seek out log injection flaws like the recently disclosed Log4Shell bug in the popular Java logging library Log4J.
Threat Post

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily exploited and ...