Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...

The 2021 White House memorandum that established baseline logging standards is in need of an update to keep pace with modern ...

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...

More than a year after the news broke in December 2021, the Log4j vulnerability, or Log4Shell to some, remains one of the most prolific cybersecurity incidents of our time. Still causing chaos for ...

The Cyber Safety Review Board (CSRB), created in 2021 to review major cyber events, released a report last summer recapping the 2021 discovery of the Log4j vulnerability. Its disclosure triggered a ...

Log4j remained a top attack vector for threat actors in 2023, while a new vulnerability, HTTP/2 Rapid Reset is emerging as a significant threat to organizations, according to Cloudflare’s annual “Year ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More >>Don’t miss our special issue: How ...

Driven by significant cyber security disclosures affecting supply chain dependencies, such as Log4j and Realtek, threat actors have vastly increased their use of vulnerabilities as a means to work ...

The technology world is entering a new phase where code complexity and widespread use of global software tools have opened the door for a damaging security flaw that can last for years. The urgency to ...

JP oversees the Research and Innovation teams that keep Onapsis on the cutting-edge of the business-critical application security market. In 2021, we commenced the year reeling from the aftermath of ...

Organizations are still exposed to critical vulnerabilities in Log4j, two years after a maximum severity bug was found in the popular utility, according to Veracode. The application security vendor ...

One year ago, a newly discovered zero-day vulnerability rocked the world of cybersecurity, but 12 months on, there are clear signs that vital lessons haven't been learned. The catchily-titled CVE-2021 ...