NH Business Review

How should you respond to the Log4j vulnerability?

The top U.S. cybersecurity officials have called the Log4j vulnerability one of the most serious security flaws in decades. The Common Vulnerability Scoring System (CVSS), which rates the severity of ...
Computer Weekly

Top three questions about the Log4j vulnerability

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...
CRN

10 Technology Vendors Affected By The Log4j Vulnerability

Vulnerable Log4j code can be found in products from some of the most prominent technology vendors like Cisco, IBM, and VMware, and as well as one serving the MSP community like ConnectWise and N-able.
Dark Reading

How Do I Find My Servers With the Log4j Vulnerability?

Question: How do I find servers in my organization that have the vulnerable Log4j component? For enterprise IT and security teams tasked with updating Java applications containing the vulnerable Log4j ...
Dark Reading

How to Prevent the Next Log4j-Style Zero-Day Vulnerability

Software testing is notoriously hard. Search Google for CVEs caused by basic CRLF (newline character) issues and you'll see thousands of entries. Humanity has put a man on the moon, but we still haven ...
American Banker

Log4j security vulnerability is a double threat to banks

Like news an everyday appliance could be lethal to homeowners, the recent discovery of a security vulnerability in a widely used program, the Apache Software Foundation's Log4j, was unsettling to most ...
ZDNet

CISA orders federal civilian agencies to patch Log4j vulnerability and 12 others by December 24

CISA created a landing page for all Log4j vulnerability content and is providing insight alongside the Joint Cyber Defense Collaborative that includes multiple cybersecurity companies. CISA added the ...
CRN

Log4j Vulnerability: How Two MSPs Reacted To The Massive Exploit

‘It’s one of the challenges with these kinds of vulnerabilities when they’re so critical,’ he says. ‘The community moves very rapidly to patch the open-source project but you often don’t get a perfect ...
Nextgov

CISA, FBI issue new guidance on addressing Log4j risks

The Cybersecurity and Infrastructure Security Agency and its partners are providing new ways to identify Log4j risks and mitigate possible exploitation. The Cybersecurity and Infrastructure Security ...
Threat Post

The Log4j Vulnerability Puts Pressure on the Security World

It’s time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking. It’s not my intention to be alarmist about the Log4j vulnerability ...
ZDNet

Log4j flaw: This new threat is going to affect cybersecurity for a long time

If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she described ...