President of Anomali. A leader in intelligence-driven cybersecurity, an ArcSight cofounder and an Ernst & Young Entrepreneur of The Year. If you are like most security leaders, you've encountered ...

Apache Software Foundation President David Nalley testifies to a Senate committee about the Log4j vulnerability. The discovery of easily exploitable weaknesses in Log4j, an open source piece of ...

"Log4j is an ‘endemic vulnerability’ and vulnerable instances of Log4j will remain in systems for many years to come," the Cyber Safety Review Board noted. The U.S. Department of Homeland Security ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Jen Easterly, director of the Cybersecurity and Infrastructure Security ...

As 2021 came to a close and the ever-present threat of ransomware attacks continued to loom large, there was arguably no greater security risk in the minds of cybersecurity professionals than the ...

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps Your email has been sent With so many security and developer teams doing postmortems on the Log4j security ...

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...

Takeaway: Organizations of all types and sizes should actively manage exposure to loss due to the Log4j vulnerability. Doing so will not be easy. The Log4j program is present in so many applications ...

Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.

The White House is holding a meeting today with Apache, Google, Apple, Amazon, and other major tech organizations to discuss software security and open source tools. This comes in the wake of the ...

When the Log4j vulnerability news first came out, it seemed like a problem for overworked security experts. But as the patching crisis unfolded, many ERP managers spent their holidays on the job ...

SolarWinds and Log4j have made software supply chain security issues a topic of intense interest and scrutiny for businesses and governments alike. SolarWinds was a terrifying example of what can go ...