The widespread vulnerability that first appeared in Apache Log4j in 2021 will continue to be exploited, potentially even in worse ways than we've seen to date. The more worrisome aspect of these ...
The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what’s next. Jen Easterly, the director of the Cybersecurity and Infrastructure ...
Vulnerability disclosures often come in bunches, and unvetted patch updates can create their own problems. Here's how to assess and prioritize both. The past few weeks left IT professionals ...
As 2021 came to a close and the ever-present threat of ransomware attacks continued to loom large, there was arguably no greater security risk in the minds of cybersecurity professionals than the ...
Software testing is notoriously hard. Search Google for CVEs caused by basic CRLF (newline character) issues and you'll see thousands of entries. Humanity has put a man on the moon, but we still haven ...
Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
When the Log4j vulnerability news first came out, it seemed like a problem for overworked security experts. But as the patching crisis unfolded, many ERP managers spent their holidays on the job ...
Two weeks ago, the UK's National Health Service (NHS) issued a warning that an 'unknown threat group' is attempting to exploit a Log4j vulnerability (CVE-2021-44228) in VMware Horizon servers to ...
The China-affiliated state-sponsored threat actor used Log4j and zero-day bugs in the USAHerds animal-tracking software to hack into multiple government networks. USAHerds – an app used (PDF) by ...
Organizations are still exposed to critical vulnerabilities in Log4j, two years after a maximum severity bug was found in the popular utility, according to Veracode. The application security vendor ...
A newly disclosed remote code execution vulnerability in Spring Core, a widely used Java framework, does not appear to represent a Log4Shell-level threat. Security researchers at several organizations ...
During 2021, the top 15 vulnerabilities that were exploited -- as observed by the US Cybersecurity and Infrastructure Security Agency, US NSA, US FBI, the Australian Cyber Security Centre, the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback