The Cybersecurity and Infrastructure Security Agency (CISA) sent out an emergency directive on Friday, requiring federal civilian departments and agencies to immediately patch their internet-facing ...

The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian ...

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...

The top U.S. cybersecurity officials have called the Log4j vulnerability one of the most serious security flaws in decades. The Common Vulnerability Scoring System (CVSS), which rates the severity of ...

The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 22-02 today requiring federal civilian departments and agencies to assess their internet-facing network ...

The fallout from the Apache Log4j vulnerability continues as researchers discover a second exploit that could lead to denial-of-service attacks. A patch is available to fix the issue. A second ...

Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.

The Federal Trade Commission warned of potential legal consequences for companies that fail to protect consumer data and mitigate known software vulnerabilities amid fallout from the widespread Log4j ...

Get the latest federal technology news delivered to your inbox. House Energy and Commerce Committee Leaders sent letters on Wednesday to several federal agencies requesting briefings to address ...

Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online. “As soon as I saw how you could exploit it, it was horrifying,” says Membrey.