Java

Life after Oracle: Redefining Java in the enterprise in 2024

Developer

Life after Oracle: Redefining Java in the enterprise in 2024

Ignore the cool kids. 2024 will see Java redefine its value to enterprise

clock 08 December 2023 • 5 min read
How gen-AI is getting faster and learning to admit it doesn't know

Developer

How gen-AI is getting faster and learning to admit it doesn't know

DataStax CTO Jonathan Ellis on the breakneck pace of AI innovation

clock 24 October 2023 • 5 min read
Apache Commons Text vulnerability not as serious as Log4Shell, researchers say

Threats and Risks

Apache Commons Text vulnerability not as serious as Log4Shell, researchers say

The newly disclosed RCE bug stems from the insecure implementation of Commons Text's variable interpolation feature, but it is hard to exploit

clock 20 October 2022 • 4 min read
After Log4J US lawmakers rush to secure open source software

Open Source

After Log4J US lawmakers rush to secure open source software

The bipartisan Securing Open Source Software Act is a positive development for open source software everywhere

clock 10 October 2022 • 5 min read
CISA warns of active exploitation of critical RCE bug affecting Zoho ManageEngine products

Threats and Risks

CISA warns of active exploitation of critical RCE bug affecting Zoho ManageEngine products

The vendor has already released security updates to fix the issue

clock 23 September 2022 • 2 min read
SpringShell: Patches released for critical zero-day

Threats and Risks

SpringShell: Patches released for critical zero-day

Initial analysis indicates that the bug may not be as severe as Log4Shell

clock 01 April 2022 • 3 min read
Another open source dev stops support because corporates won't pay

Developer

Another open source dev stops support because corporates won't pay

Christofer Dutz is the latest in a series of developers to down tools in protest at corporates' free use of their work

clock 14 January 2022 • 3 min read
Fixing Log4Shell: how a university patched all its endpoints over a weekend

Threats and Risks

Fixing Log4Shell: how a university patched all its endpoints over a weekend

It's all about knowing what you have, how the software is interconnected and then getting boots on the ground, says SNHU's endpoint team

clock 13 January 2022 • 4 min read
Critical H2 database vulnerability similar to Log4Shell disclosed

Threats and Risks

Critical H2 database vulnerability similar to Log4Shell disclosed

All H2 users should upgrade to the newest version 2.0.206 which is patched for the flaw

clock 11 January 2022 • 3 min read
NHS cyber team sounds the alarm over Log4Shell attacks on VMware software

Threats and Risks

NHS cyber team sounds the alarm over Log4Shell attacks on VMware software

Threat actors can use a two-stage attack to establish a presence on affected networks

clock 10 January 2022 • 2 min read