VentureBeat

Log4j vulnerabilities, malware strains multiply; major attack disclosed

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More As cybersecurity teams grapple with having to potentially patch their ...
Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

The entire cybercommunity is on high alert over a security risk that experts are calling one of the worst of our time. In late November, a cloud-security researcher for Chinese tech giant Alibaba ...
ZDNet

Log4j flaw: Why it will still be causing problems a decade from now

Despite a well-coordinated effort to rally organizations to patch to the major open-source software flaw, cybersecurity officials don't see an end to the Log4Shell problems for at least a decade. That ...
CBS News

Panel finds notorious Log4j internet bug did not lead to any "significant" attacks on critical infrastructure

A panel of U.S. government officials and private-sector experts tasked with investigating the nation's major cybersecurity failures has concluded that the notorious Log4j internet bug did not prompt ...
VentureBeat

Log4j vulnerability opened the door to the ransomware operators

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More For the cybercriminal operators who specialize in ransomware, business ...
ZDNet

Not patched Log4j yet? Assume attackers are in your network, say CISA and FBI

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...
CRN

12 Cybersecurity Vendors Susceptible To The Log4j Vulnerability

Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and ...
Wired

The FTC Wants Companies to Find Log4j Fast. It Won't Be Easy

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...
Forbes

The Lessons Of Log4J: It May Seem Like Last Year’s News, But Don't Ignore The Implications Of This Attack

Like meteorologists after category 5 hurricanes, cybersecurity experts often seem foolish for overestimating the potential damage from the latest security bug. Unfortunately, that’s probably not going ...
Wired

Buckle Up for More Log4j Madness

It feels like the world has a lot of Pandora's boxes open at once right now. Last week another crisis came into view with disclosure of a vulnerability in the widely used open source Apache logging ...
The Verge

Log4j is patched, but the exploits are just getting started

Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online. “As soon as I saw how you could exploit it, it was horrifying,” says Membrey.
New York Post

Why is the Log4j cybersecurity flaw the ‘most serious’ in decades?

A newly discovered cybersecurity flaw is affecting vast swaths the internet from Google and Amazon to the systems used to run militaries and hospitals, with US Homeland Security’s top cybersecurity ...