Digital Journal

Security expert insights: Log4j endemic vulnerability

A data center: Network cables plugged into a server. — © Michael Bocchieri/AFP/Getty Images A data center: Network cables plugged into a server. — © Michael ...
ZDNet

Not patched Log4j yet? Assume attackers are in your network, say CISA and FBI

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...
Nextgov

Log4j Vulnerability Prompts Lawmakers to Examine Agency Cyber Measures

Get the latest federal technology news delivered to your inbox. House Energy and Commerce Committee Leaders sent letters on Wednesday to several federal agencies requesting briefings to address ...
TMCnet

YesWeHack Won the European Commission's Latest Bug Bounty Tender

YesWeHack will support the Commission's Dirctorate-General for Digital Services (DIGIT) in organising a series of bug bounty programs as well as vulnerability disclosure policies (VDPs). A roster of ...
Becker's Hospital Review

White House to host tech firms to address Log4j vulnerability

Software developers and tech firms including Google and Apple will meet with the Biden administration to discuss Log4j and how to make it more secure, according to a CNN report Jan. 13. The ...
Infosecurity-magazine.com

DHS Releases Report into Log4j Vulnerabilities and Response

This week the US Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) first report into the December 2021 Log4j event, where a number of vulnerabilities were reported ...
SiliconANGLE

DHS review board declares Log4j an ‘endemic vulnerability’

The first report from the U.S. Department of Homeland Security’s Cyber Safety Review Board today declared Log4j an “endemic vulnerability.” The Department established the Cyber Safety Review Board in ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
WRAL TechWire

‘One of the most serious software vulnerabilities in history’ – Log4j – remains a threat, feds warn

A computer vulnerability discovered last year in a ubiquitous piece of software is an “endemic” problem that will pose security risks for potentially a decade or more, according to a new cybersecurity ...
Homeland Security Today

PERSPECTIVE: Why the December 2021 Log4j Event Remains Top of Mind for Cyber Professionals

The Cyber Safety Review Board (CSRB), created in 2021 to review major cyber events, released a report last summer recapping the 2021 discovery of the Log4j vulnerability. Its disclosure triggered a ...
VentureBeat

How external attack surface management lets you see your org through an attacker’s eyes

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More >>Don’t miss our special issue: How ...
Forbes

Application Security Predictions For 2023

JP oversees the Research and Innovation teams that keep Onapsis on the cutting-edge of the business-critical application security market. In 2021, we commenced the year reeling from the aftermath of ...