
Log4j (CVE-2021-44228) RCE: How to Protect?
Apache Log4j is an open-source Java package. It is the most widely used default logging package. Many many things can go wrong. Attackers may execute their own code in your server, remotely over the network, without any permission! If not code, they can scoop up all the server secrets that are in the server memory. Affected users include Apple iCloud, AWS, Google, Cloudflare, most of the financial services world, among others.