Category Archives: apache

White House hosts open-source software security summit in light of expansive Log4j flaw

Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to the widespread Log4j vulnerability that’s worrying industry and cyber leaders. Among the attendees are companies like Apple, Facebook and Google, as well as the Apache Software Foundation, which builds Log4j, a ubiquitous open-source logging […]

If hackers are exploiting the Log4j flaw, CISA says we might not know yet

Federal officials cautioned Monday that, while the widespread Log4j vulnerability hasn’t led to any major known intrusions in the U.S., there could be a “lag” between when the flaw became known, and when attackers exploit it. Cybersecurity and Infrastructure Security Agency Director Jen Easterly said that there were months between the discovery of the vulnerability […]

The Log4j flaw is the latest reminder that quick security fixes are easier said than done

Cybersecurity professionals have spent weeks scrambling to address a bug in a widely used software library that could enable hackers to steal data, launch ransomware attacks or otherwise knock systems offline. The bug, known as Log4Shell, exists in Log4j, an open-source software tool that is used widely in the technology industry. The flaw could allow […]

CISA warns ‘most serious’ Log4j vulnerability likely to affect hundreds of millions of devices

Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library “is one of the most serious I’ve seen in my entire career, if not the most serious.” “We expect the vulnerability to be widely exploited by sophisticated actors and we have […]

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.