American Banker

Log4j security vulnerability is a double threat to banks

Like news an everyday appliance could be lethal to homeowners, the recent discovery of a security vulnerability in a widely used program, the Apache Software Foundation's Log4j, was unsettling to most ...
Government Technology

What is Log4j? A Cybersecurity Expert Explains the Latest Internet Vulnerability

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...
Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
Dark Reading

How to Prevent the Next Log4j-Style Zero-Day Vulnerability

Software testing is notoriously hard. Search Google for CVEs caused by basic CRLF (newline character) issues and you'll see thousands of entries. Humanity has put a man on the moon, but we still haven ...
ABC News

New cyber vulnerability poses 'severe risk,' DHS says

The vulnerability is linked to a commonly used piece of software called Log4j. Late Saturday, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) issued an ...
Threat Post

The Log4j Vulnerability Puts Pressure on the Security World

It’s time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking. It’s not my intention to be alarmist about the Log4j vulnerability ...
InfoWorld

How to detect the Log4j vulnerability in your applications

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours? Yesterday the Apache Foundation released an emergency ...
CRN

12 Cybersecurity Vendors Susceptible To The Log4j Vulnerability

Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and ...
CBS News

Nightmare before Christmas: What to know about the Log4j vulnerability

A vulnerability living inside a Java-based software known as "Log4j" shook the internet this week. The list of potential victims encompasses nearly a third of all web servers in the world, according ...
ZDNet

Log4j flaw: This new threat is going to affect cybersecurity for a long time

If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she described ...
SiliconANGLE

Criminal groups continue to exploit Apache Log4j vulnerability with ransomware and malware

Criminal groups and even suspected state-sponsored hacking groups continue to exploit a serious vulnerability in Apache Log4j with ransomware and other forms of malware. According to research from ...
Nextgov

CISA, FBI issue new guidance on addressing Log4j risks

The Cybersecurity and Infrastructure Security Agency and its partners are providing new ways to identify Log4j risks and mitigate possible exploitation. The Cybersecurity and Infrastructure Security ...