The Hill

Officials, experts sound the alarm about critical cyber vulnerability

Officials and cyber experts on Friday sounded the alarm about a critical logging vulnerability that could potentially impact thousands of organizations, racing to implement patches before hackers can ...
Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
ZDNet

Second Log4j vulnerability discovered, patch already released

A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability, CVE ...
VentureBeat

Many orgs are still failing to address Log4j — here’s why

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...
Government Technology

What is Log4j? A Cybersecurity Expert Explains the Latest Internet Vulnerability

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...
Threat Post

The Log4j Vulnerability Puts Pressure on the Security World

It’s time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking. It’s not my intention to be alarmist about the Log4j vulnerability ...
Threat Post

Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack

The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.” An excruciating, easily exploited ...
CRN

The Log4J Vulnerability: News And Analysis

The critical vulnerability disclosed Dec. 10 in Java logging package Log4j has sent shockwaves throughout the industry given how frequently that open-source library is used to develop enterprise ...
Nextgov

How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy

Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to ...
ABC News

New cyber vulnerability poses 'severe risk,' DHS says

The vulnerability is linked to a commonly used piece of software called Log4j. Late Saturday, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) issued an ...
CBS News

Nightmare before Christmas: What to know about the Log4j vulnerability

A vulnerability living inside a Java-based software known as "Log4j" shook the internet this week. The list of potential victims encompasses nearly a third of all web servers in the world, according ...
ZDNet

Log4j flaw: Nearly half of corporate networks have been targeted by attackers trying to use this vulnerability

The number of attacks aiming to take advantage of the recently disclosed security flaw in the Log4j2 Java logging library continues to grow. The vulnerability (CVE-2021-44228) was publicly disclosed ...