Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.

The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian ...

A sure-fire way to prevent exploitation of Log4j vulnerabilities has yet to appear, but these actions are your best bet for reducing risk. The IT security community has been hard at work for the past ...

The Log4j security vulnerability known as Log4Shell is shaping up to be one of the worst security flaws of the year, potentially affecting millions of applications and painting a bullseye on unpatched ...

Security teams working to mitigate their organizations' exposure to the Log4j vulnerability have plenty of challenges to overcome. They include scoping the full extent of exposure, figuring out ...

The Cybersecurity and Infrastructure Security Agency (CISA) sent out an emergency directive on Friday, requiring federal civilian departments and agencies to immediately patch their internet-facing ...

The fallout from the Apache Log4j vulnerability continues as researchers discover a second exploit that could lead to denial-of-service attacks. A patch is available to fix the issue. A second ...

It was a crazy weekend for cyberattacks. People seem surprised, but those of us in the industry aren’t surprised one bit. It is very logical and foreseeable that hackers are leveraging attacks that ...

The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 22-02 today requiring federal civilian departments and agencies to assess their internet-facing network ...

As companies scramble to address the newly exploited, ubiquitous Log4j vulnerability, companies’ actions are now the potential source for government scrutiny. Our ...