Times Union

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what's at stake

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...
Nextgov

Log4j Vulnerability Prompts Lawmakers to Examine Agency Cyber Measures

Get the latest federal technology news delivered to your inbox. House Energy and Commerce Committee Leaders sent letters on Wednesday to several federal agencies requesting briefings to address ...
ZDNet

Log4j flaw: Why it will still be causing problems a decade from now

Despite a well-coordinated effort to rally organizations to patch to the major open-source software flaw, cybersecurity officials don't see an end to the Log4Shell problems for at least a decade. That ...
TechRepublic

Cyber Safety Review Board classifies Log4j as ‘endemic vulnerability’

The Cyber Safety Review Board (CSRB) recently labeled the Log4j security exploit as an ‘endemic vulnerability’ that will linger for years, according to a report released on Jul 11, 2022. The ...
Homeland Security Today

PERSPECTIVE: Why the December 2021 Log4j Event Remains Top of Mind for Cyber Professionals

The Cyber Safety Review Board (CSRB), created in 2021 to review major cyber events, released a report last summer recapping the 2021 discovery of the Log4j vulnerability. Its disclosure triggered a ...
Bleeping Computer

Microsoft: Iranian hackers still exploiting Log4j bugs against Israel

Hackers continue to exploit the Log4j vulnerability in vulnerable applications, as shown by the Iranian 'MuddyWater' threat actor who was found targeting Israeli organizations using the SysAid ...
Infosecurity-magazine.com

Over a Year of Log4j Lingering: Why We Need to Stop Viewing High-Severity Breaches as Anomalies

More than a year after the news broke in December 2021, the Log4j vulnerability, or Log4Shell to some, remains one of the most prolific cybersecurity incidents of our time. Still causing chaos for ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
Infosecurity-magazine.com

#BHUSA: The Cyber Safety Review Board Outlines Log4j Lessons

The US Department of Homeland Security (DHS) launched its Cyber Safety Review Board (CSRB) in February 2022, as an effort to help organizations learn from security incidents. The biggest single effort ...
adtmag.com

Waratek Adds Log4J Scanner and API Security to its Java Security Platform

The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...
WRAL TechWire

‘One of the most serious software vulnerabilities in history’ – Log4j – remains a threat, feds warn

A computer vulnerability discovered last year in a ubiquitous piece of software is an “endemic” problem that will pose security risks for potentially a decade or more, according to a new cybersecurity ...