In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...

Organizations working to reduce exposure to attacks targeting the Log4j remote code execution (RCE) vulnerability disclosed Dec. 9 have a couple of new considerations to keep in mind. Security ...

WASHINGTON, DC - NOVEMBER 16: Department of Homeland Security Secretary Alejandro Mayorkas testifies during a Senate Judiciary Committee hearing in Washington, DC. (Photo by Drew Angerer/Getty Images) ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Jen Easterly, director of the Cybersecurity and Infrastructure Security ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

After a flaw was discovered in the Log4J framework in late 2021 —a flaw that affected software and systems around the world —two UAB IT leaders co-moderated a discussion with higher education peers on ...

Iran-backed hacking group Phosphorous or APT35 is using the Log4j vulnerability to distribute a new modular PowerShell toolkit, according to security firm Check Point. APT35 is one of several ...

Security experts have warned that the Log4j vulnerability could still enable threat actors to launch attacks years from now, if security teams don’t up their game. Forrester analyst, Allie Mellen, ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Microsoft is investigating reports that the Apache Log4j vulnerability ...