What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake

Padlokr –  Padlokr –  A vulnerability in Log4j, a humble but widespread piece of software, has put millions of computers at risk. SOPA Images/LightRocket via Getty Images Santiago Torres-Arias, Purdue…

White House hosts open-source software security summit in light of expansive Log4j flaw

Written by Tim Starks Jan 13, 2022 | CYBERSCOOP Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to…

If hackers are exploiting the Log4j flaw, CISA says we might not know yet

Written by Tim Starks Jan 10, 2022 | CYBERSCOOP Federal officials cautioned Monday that, while the widespread Log4j vulnerability hasn’t led to any major known intrusions in the U.S., there…

The Fifth Log4j Vulnerability Has Been Fixed by Apache

Another Log4j version has been released by Apache dubbed 2.17.1, as prior to yesterday the most recent Log4j version was 2.17.0. This new variant addresses the RCE found in 2.17.0…

The Log4j flaw is the latest reminder that quick security fixes are easier said than done

Written by AJ Vicens Dec 21, 2021 | CYBERSCOOP Cybersecurity professionals have spent weeks scrambling to address a bug in a widely used software library that could enable hackers to…

A List of Vulnerable Products to the Log4j Vulnerability

Two days ago, we wrote a post about the Log4j vulnerability that is currently wreaking havoc on the cyberthreat landscape. The flaw stands for an open-source Java logging library. By…

CISA warns 'most serious' Log4j vulnerability likely to affect hundreds of millions of devices

Written by Tim Starks Dec 13, 2021 | CYBERSCOOP Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a…

Hackers actively exploiting 0-day in Ubiquitous Apache Log4j tool

Apache has released Log4j version 2.15.0 to address the critical RCE vulnerability and users are urged to apply the update immediately. The Apache Foundation’s Log4j is a widely used open-source…

Apache Airflow Servers Leak Thousands of Credentials

Apache Airflow is one of the most popular open-source workflow management platforms. Researchers from Intezer have discovered while investigating a misconfiguration flaw in Apache Airflow a large number of exposed…