Times Union

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what's at stake

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...
Homeland Security Today

PERSPECTIVE: Why the December 2021 Log4j Event Remains Top of Mind for Cyber Professionals

The Cyber Safety Review Board (CSRB), created in 2021 to review major cyber events, released a report last summer recapping the 2021 discovery of the Log4j vulnerability. Its disclosure triggered a ...
Infosecurity-magazine.com

Two-Fifths of Log4j Apps Use Vulnerable Versions

Organizations are still exposed to critical vulnerabilities in Log4j, two years after a maximum severity bug was found in the popular utility, according to Veracode. The application security vendor ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
Wall Street Journal

Major Cyber Bug in Log4j to Persist as ‘Endemic’ Risk for Years to Come, U.S. Government Board Finds

The Log4j vulnerability in open-source software came as a shock to many when it came to light at the end of 2021. How can cyber professionals protect their organizations? WASHINGTON—A major ...