The Washington Post

The ‘most serious’ security breach ever is unfolding right now. Here’s what you need to know.

On Dec. 9, word of a newly discovered computer bug in a hugely popular piece of computer code started rippling around the cybersecurity community. By the next day, nearly every major software company ...
PC Magazine

What Is the Log4j Exploit, and What Can You Do to Stay Safe?

Hackers could take control of millions of servers, shutting them down or forcing them to spew malware due to widely-used faulty code. Here's how it happened, and what can you do to protect yourself.
TechRepublic

Log4j: How to protect yourself from this security vulnerability

The Log4j security vulnerability known as Log4Shell is shaping up to be one of the worst security flaws of the year, potentially affecting millions of applications and painting a bullseye on unpatched ...
JD Supra

Log4J - Who does it impact?

Takeaway: Organizations of all types and sizes should actively manage exposure to loss due to the Log4j vulnerability. Doing so will not be easy. The Log4j program is present in so many applications ...
ZDNet

Nearly half of corporate networks have been targeted

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
The Next Web

The Log4j bug exposes a bigger issue: Open-source funding (Updated)

Update (December 14 ,2021): We’ve updated this article with information about the new Log4j version release, along with new exploit vectors, and risks related to all Java versions. While you were ...
Redmond Magazine

Microsoft Sentinel Gets Log4j Exploit Detector Preview

Microsoft added a preview solution in Microsoft Sentinel that helps IT pros find signs of Log4j exploits, according to a Thursday announcement and Twitter post. The Log4j exploit detection preview ...
CRN

12 Cybersecurity Vendors Susceptible To The Log4j Vulnerability

Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and ...
Wired

Buckle Up for More Log4j Madness

It feels like the world has a lot of Pandora's boxes open at once right now. Last week another crisis came into view with disclosure of a vulnerability in the widely used open source Apache logging ...
Dark Reading

Analysis: Log4j Vulnerability Highlights the Value of Defense-in-Depth, Accurate Inventory

Many security teams have been running hard for past few days looking to assess and address their organizations' exposure to CVE-2021-44228, aka "Log4Shell," a flaw disclosed within the popular Log4j ...
TechCrunch

FTC warns of legal action against organizations that fail to patch Log4j flaw

U.S. organizations that fail to secure customer data against Log4Shell, a zero-day vulnerability in the widely used Log4j Java logging library, could face legal repercussions, the Federal Trade ...
ZDNet

Fortinet: Log4j had nearly 50x activity volume of ProxyLogon

Cybersecurity giant Fortinet found that Log4j had nearly 50 times the activity volume compared to ProxyLogon based on peak 10-day average volume in the second half of 2021. The finding was part of the ...