Security news that informs and inspires


22 results for tag Log4j:

CISA Outlines Plans to Tackle Open Source Software Security

In an Open Source Software Security Roadmap released on Tuesday, the agency said it wants to build up the capabilities to better understand the complex open source ecosystem and create visibility around the security risks in this landscape.

Log4j, Cisa

Budworm Threat Group Attacks Reveal ‘Change in Focus’

The Budworm espionage group leveraged the Log4j flaw to target a number of high-value organizations worldwide, including an unnamed U.S.-based state legislature.


Log4j, ProxyLogon Among Top Flaws Exploited by Chinese Threat Groups

The NSA, FBI and CISA revealed the top CVEs exploited since 2020 by Chinese threat actors to gain initial access to sensitive networks.

Log4j, China

After Log4j, Efforts to ‘Uplift’ Open Source Ecosystem Continue

At Black Hat USA this week, Cyber Safety Review Board members tasked with looking at key lessons learned from Log4j talked about continued security issues facing the open source community.


Cyber Safety Review Board: Exploitation of ‘Endemic’ Log4j Flaw Will Evolve

The Cyber Safety Review Board’s report on the Log4j flaw pointed to an open-source software ecosystem riddled with security challenges.