Times Union

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what's at stake

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...
VentureBeat

Many orgs are still failing to address Log4j — here’s why

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...
Automation World

Safeguarding Your ICS Against the Log4j Vulnerability

The log4j vulnerability is a cybersecurity loop-hole that exploits a small, nearly ubiquitous piece of software called log4j, which is used for recording the activities of various computer programs.
Infosecurity-magazine.com

Lessons Learned: The Log4J Vulnerability 12 Months On

It was a shock to all in cybersecurity as Java and the Log4j open-source logging library are prevalent, commonly used across software applications and online services. The issue quickly came to the ...
ZDNet

Log4j: Mirai botnet found targeting ZyXEL networking devices

An Akamai researcher has discovered an attempt to use Log4j vulnerabilities in ZyXEL networking devices to "infect and assist in the proliferation of malware used by the Mirai botnet." Larry ...
ZDNet

Log4J: Microsoft discovers attackers targeting undisclosed SolarWinds vulnerability

Microsoft researchers have discovered a previously undisclosed vulnerability in the SolarWinds Serv-U software while monitoring threats related to Log4J vulnerabilities. Jonathan Bar Or explained on ...
JD Supra

FTC Issues Stern Warning to Companies to Address Known Cybersecurity Vulnerability

The Federal Trade Commission (FTC) issued a surprisingly strong warning to companies that they may face potential regulatory action if they fail to address known vulnerabilities, focusing in ...
JD Supra

FTC issues warning to companies in light of Log4j risks

As 2021 came to a close and the ever-present threat of ransomware attacks continued to loom large, there was arguably no greater security risk in the minds of cybersecurity professionals than the ...
Network World

Log4j hearing: ‘Open source is not the problem’

The high-tech community is still trying to figure out the long-term impact of the serious vulnerability found late last year in the open-source Apache Log4j software, and so is the US Senate. “Open ...
Business Wire

Tanium Expands Partnership With vArmour, Minimizes Impact of Log4j With Actionable Observability

KIRKLAND, Wash.--(BUSINESS WIRE)--Tanium, the platform that organizations trust to gain visibility and control across all endpoints, today announced an expansion to its partnership with vArmour, the ...
VentureBeat

Spring Core vulnerability doesn’t seem to be Log4Shell all over again

A newly disclosed remote code execution vulnerability in Spring Core, a widely used Java framework, does not appear to represent a Log4Shell-level threat. Security researchers at several organizations ...