New research released by security provider Cycognito finds that 70% of organizations are struggling to address Log4j.

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps Your email has been sent With so many security and developer teams doing postmortems on the Log4j ...

Cybersecurity researchers warn that insecure instances of Lo4j are still out there to be exploited - and are easy for attackers to discover.

A single flaw in Apache Log4j spiraled into one of the most dangerous exploits ever found. Experts warned it could have taken down the entire internet.

A Year Later, That Brutal Log4j Vulnerability Is Still Lurking Despite mitigation, one of the worst bugs in internet history is still prevalent—and being exploited. Photograph: zf L/Getty Images ...

Apache Software Foundation President David Nalley on Tuesday told the Senate Homeland Security & Government Affairs Committee it could take months, or even years, to fully eliminate the Log4j ...

Virtual patching is the action of protecting against vulnerability exploitation without necessarily patching the actual vulnerability.

CyCognito released the next gen of its Exploit Intelligence (EI) tool with an integrated external attack surface sandbox testing environment.

First detailed in December, the vulnerability (CVE-2021-44228) allows attackers to remotely execute code and gain access to systems that use Log4j, a widely used Java logging library.

Log4j Vulnerability Could Be Here For a Decade, Cyber Safety Review Board Says The widespread vulnerability is the first issue tackled by the new board.

The Cyber Safety Review Board (CSRB) recently labeled the Log4j security exploit as an ‘endemic vulnerability’ that will linger for years, according to a report released on Jul 11, 2022. The ...

DHS announced formation of the board in February, but said it would instead prioritize studying vulnerabilities and remediation efforts related to the open source software library called Log4j.