VentureBeat

Many orgs are still failing to address Log4j — here’s why

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...
TechRepublic

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps Your email has been sent With so many security and developer teams doing postmortems on the Log4j security ...
ZDNet

Log4j flaw: Thousands of applications are still vulnerable, warn security researchers

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...
Wired

A Year Later, That Brutal Log4J Vulnerability Is Still Lurking

A year ago, as Russia amassed troops at its border with Ukraine and the Covid-19 Omicron variant began to surge around the world, the Apache Software Foundation disclosed a vulnerability that set off ...
ZDNet

Not patched Log4j yet? Assume attackers are in your network, say CISA and FBI

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...
Wall Street Journal

Two Months On, Many Developers Are Still Downloading Flawed Log4j Tool

The December disclosure of a security flaw in a widely used piece of logging software known as Log4j drew grave warnings from U.S. officials that the bug could open the door for a surge in ...
VentureBeat

How external attack surface management lets you see your org through an attacker’s eyes

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More >>Don’t miss our special issue: How ...
Washington Times

Cybersecurity experts struggle to answer lawmakers’ questions on Log4J hacking

Cybersecurity experts struggled Tuesday to answer lawmakers’ basic questions about the danger of a flaw in the open-source logging platform Apache Log4J that could plague computer network defenders ...
CNET

Log4j Vulnerability Could Be Here For a Decade, Cyber Safety Review Board Says

Andrew Blok covered home energy, with a focus on solar, and navigated the changing energy landscape to help people make smart energy decisions. He's a graduate of the Knight Center for Environmental ...
TechRepublic

Cyber Safety Review Board classifies Log4j as ‘endemic vulnerability’

The Cyber Safety Review Board (CSRB) recently labeled the Log4j security exploit as an ‘endemic vulnerability’ that will linger for years, according to a report released on Jul 11, 2022. The ...
Computer Weekly

China’s APT41 exploited Log4j within hours

The Chinese advanced persistent threat (APT) actor tracked variously as APT41, Barium, Wicked Panda/Spider or Bronze Atlas was actively compromising victims via the Log4Shell vulnerability in Apache ...