JD Supra

The Log4j Vulnerability: What This Critical Vulnerability Means for Your Enterprise

As companies scramble to address the newly exploited, ubiquitous Log4j vulnerability, companies’ actions are now the potential source for government scrutiny. Our ...
VentureBeat

Device42 aims to identify Log4j vulnerabilities

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Jen Easterly, director of the Cybersecurity and Infrastructure Security ...
Government Technology

Review Board Recommends Steps to Tackle Long-Term Log4J Risk

The Log4j vulnerability discovered late last year could continue putting systems at risk for “a decade or longer,” as unpatched instances linger on systems, according to a new report out this week.
VentureBeat

Mandiant reminds us: Don’t forget about Log4j

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More After the disclosure of a critical vulnerability in the widely used ...
JD Supra

FTC Issues Stern Warning to Companies to Address Known Cybersecurity Vulnerability

The Federal Trade Commission (FTC) issued a surprisingly strong warning to companies that they may face potential regulatory action if they fail to address known vulnerabilities, focusing in ...
Homeland Security Today

CISA, FBI, NSA, and International Partners Issue Advisory to Mitigate Apache Log4J Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian ...
Wired

The FTC Wants Companies to Find Log4j Fast. It Won't Be Easy

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...
ZDNet

Log4j flaw: Why it will still be causing problems a decade from now

Despite a well-coordinated effort to rally organizations to patch to the major open-source software flaw, cybersecurity officials don't see an end to the Log4Shell problems for at least a decade. That ...
Infosecurity-magazine.com

Log4j Showed Us That Public Disclosure Still Helps Attackers

At 2:25 pm on December 9, an infamous (now deleted) tweet linking a zero-day proof of concept exploit for the vulnerability that came to be known as ‘Log4Shell’ on GitHub (also now deleted) set the ...
New York Post

Why is the Log4j cybersecurity flaw the ‘most serious’ in decades?

A newly discovered cybersecurity flaw is affecting vast swaths the internet from Google and Amazon to the systems used to run militaries and hospitals, with US Homeland Security’s top cybersecurity ...
Nextgov

CISA, FBI issue new guidance on addressing Log4j risks

The Cybersecurity and Infrastructure Security Agency and its partners are providing new ways to identify Log4j risks and mitigate possible exploitation. The Cybersecurity and Infrastructure Security ...