#Log4j

By: Piotr P. Karwasz, VP Logging, Apache Software Foundation The disclosure of Log4Shell...

Log4Shell 2026 is not a historical cleanup task. It is still a live security problem. Years after...

Learn how Akamai Guardicore Segmentation can help you reveal vulnerable servers and applications, and stop exploitation.

Although Spring Cloud Functions are not as widespread as the Log4j library, and should provide a good separation from the hosting server, some draw the line between the two, due to the ease of exploitation over HTTP/s.…

Threat Researcher Larry Cashdollar has discovered evidence of the Mirai botnet abusing Log4j vulnerability and shares code examples.

Read about strategies to help protect against new and more impactful security threats and vulnerabilities in Log4j from Akamai CTO Charlie Gero.

What new Log4j attack vectors is Akamai seeing? Read what Akamai CTO Charlie Gero says about mitigating DNS and other protocols in part 3 of this 4-part series.

Akamai CTO Charlie Gero shows how the Log4j threat surface could extend to unpatchable embedded and IoT devices.

Learn about the widely used Java-based logging library Log4j and how its vulnerability and other capabilities presented a major opportunity to attackers.

Log4Shell (CVE-2021-44228) is a remote code execution (RCE) vulnerability in the Apache-foundation open-source logging library Log4j. It was published on December 9, 2021, and then all hell broke loose.…

Continuing with our research into CVE-2021-44228, Akamai has previously written about what the vulnerability is and given recommendations on how to go beyond patching for extra protection.…

A critical remote code-execution vulnerability (CVE-2021-44228) has been publicly disclosed in Log4j, an open-source logging utility that’s used widely in applications, including many by large enterprise organizations.…

Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution.…

See how Akamai helped open-source logging library Log4j fight against a critical unauthenticated remote code execution (RCE) vulnerability and reduce customer exposure.