President of Anomali. A leader in intelligence-driven cybersecurity, an ArcSight cofounder and an Ernst & Young Entrepreneur of The Year. If you are like most security leaders, you've encountered ...

Takeaway: Organizations of all types and sizes should actively manage exposure to loss due to the Log4j vulnerability. Doing so will not be easy. The Log4j program is present in so many applications ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More There’s no way to sugarcoat it: the widespread vulnerability in Apache ...

A vulnerability living inside a Java-based software known as "Log4j" shook the internet this week. The list of potential victims encompasses nearly a third of all web servers in the world, according ...

The White House is holding a meeting today with Apache, Google, Apple, Amazon, and other major tech organizations to discuss software security and open source tools. This comes in the wake of the ...

On Dec. 9, the Apache Software Foundation issued a Log4j security alert that a vulnerability (CVE-2021-44228), aka Log4Shell, allows unauthenticated users to remotely execute or update software code ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Yesterday, the US government’s Cyber Safety Review Board (CSRB) released ...

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours? Yesterday the Apache Foundation released an emergency ...

A newly discovered vulnerability is now posing a huge threat towards Java versions of Minecraft, making it possible to execute malicious code on servers as well as end-user devices that are playing ...

After nearly two years of adopting major network and security changes wrought by COVID-19 and hybrid work, weary IT network and security teams didn’t need another big issue to take care of, but they ...

It’s time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking. It’s not my intention to be alarmist about the Log4j vulnerability ...

The discovery, which affects services running as localhost that aren’t exposed to any network or the internet, vastly widens the scope of attack possibilities. Defenders will once again be busy ...