The top U.S. cybersecurity officials have called the Log4j vulnerability one of the most serious security flaws in decades. The Common Vulnerability Scoring System (CVSS), which rates the severity of ...

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More As cybersecurity teams grapple with having to potentially patch their ...

It’s time to sound the alarm for Log4Shell. Saryu Nayyar, CEO at Gurucul, discusses what actions you should be taking. It’s not my intention to be alarmist about the Log4j vulnerability ...

Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and ...

Beware of the Log4j vulnerability! This nasty software bug has much of the IT world in a panic as it follows us into the New Year. No doubt, many organizations and SMBs with no IT staff are clueless ...

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...

Multiple governments’ cyber agencies have released a long list of technology vendors and their products that are impacted by the Log4j vulnerability. They include the U.S. Cybersecurity and ...

There is no doubt that the recently publicized vulnerability in Log4j is a serious one and security teams should be spending time assessing the organization's exposure. The vulnerability, ...

Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online. “As soon as I saw how you could exploit it, it was horrifying,” says Membrey.