RIA Weekly

Episode 335: Eager to take a JNDI lookup

Informações:

Sinopsis

This week we discuss how the industry reacted to the Log4j vulnerability and the merits of going Multicloud. Plus, some thoughts on printer paper. Rundown Log4j and OSS Security warning: New zero-day in the Log4j Java library is already being exploited (https://www.zdnet.com/article/security-warning-new-zero-day-in-the-log4j-java-library-is-already-being-exploited/) ‘Extremely bad’ vulnerability found in widely used logging system (https://www.theverge.com/2021/12/10/22828303/log4j-library-vulnerability-log4shell-zero-day-exploit) What you need to know about the Log4J vulnerability rocking the internet (https://blog.f-secure.com/what-you-need-to-know-about-the-log4j-vulnerability-rocking-the-internet/) Zero-Day Exploit Targeting Popular Java Library Log4j (https://www.govcert.ch/blog/zero-day-exploit-targeting-popular-java-library-log4j/) Paying people to work on OSS (https://twitter.com/grhmc/status/1470074108327215118?s=21) Don’t pay people to work on OSS? (https://twitter.com/littleidea/status/147039323025