Log4j actively exploited, serious complications can occur according to CERT NZ

The widely-used java logging library, log4j, has been actively exploited, according to an update from CERT NZ and Catalyst.

The software is said to currently have an unauthenticated RCE vulnerability if a user-controlled string is logged. This could therefore allow the attacker complete…

Source: itbrief.co.nz – Read more