VentureBeat

Many orgs are still failing to address Log4j — here’s why

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...
ZDNet

Log4j flaw: Why it will still be causing problems a decade from now

Despite a well-coordinated effort to rally organizations to patch to the major open-source software flaw, cybersecurity officials don't see an end to the Log4Shell problems for at least a decade. That ...
Government Technology

Review Board Recommends Steps to Tackle Long-Term Log4J Risk

The Log4j vulnerability discovered late last year could continue putting systems at risk for “a decade or longer,” as unpatched instances linger on systems, according to a new report out this week.
ZDNet

Not patched Log4j yet? Assume attackers are in your network, say CISA and FBI

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...
CSOonline

Cyber Safety Review Board warns that Log4j event is an “endemic vulnerability”

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released the first report of the Cyber Safety Review Board (CSRB), formed in February as directed under President Biden’s May 2021 ...
Dark Reading

DHS Review Board Deems Log4j an 'Endemic' Cyber Threat

The US Department of Homeland Security's Cyber Safety Review Board (CSRB) has concluded that the Apache Log4j vulnerability disclosed in December 2021 will remain a significant risk to organizations ...
Infosecurity-magazine.com

Lessons Learned: The Log4J Vulnerability 12 Months On

It was a shock to all in cybersecurity as Java and the Log4j open-source logging library are prevalent, commonly used across software applications and online services. The issue quickly came to the ...