Nextgov

Log4j Vulnerability Prompts Lawmakers to Examine Agency Cyber Measures

House Energy and Commerce Committee leaders asked several federal agencies about mitigation efforts, following a previous CISA emergency directive about the vulnerability. Cyber Defense Congress House ...
Dark Reading

Log4j Vulnerabilities Are Here to Stay — Are You Prepared?

The widespread vulnerability that first appeared in Apache Log4j in 2021 will continue to be exploited, potentially even in worse ways than we've seen to date. The more worrisome aspect of these ...
CSOonline

Cyber Safety Review Board warns that Log4j event is an “endemic vulnerability”

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released the first report of the Cyber Safety Review Board (CSRB), formed in February as directed under President Biden’s May 2021 ...
Nextgov

Securing open source software is a team sport

Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...
Dark Reading

3 Lessons Learned in Vulnerability Management

As we pass the first anniversary of the Log4j vulnerability disclosure, it's a timely reminder that when a vulnerability is serious, it deserves our utmost attention. Organizations taking ...
adtmag.com

Waratek Adds Log4J Scanner and API Security to its Java Security Platform

The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...