ZDNet

Log4j flaw: Why it will still be causing problems a decade from now

Despite a well-coordinated effort to rally organizations to patch to the major open-source software flaw, cybersecurity officials don't see an end to the Log4Shell problems for at least a decade. That ...
VentureBeat

Many orgs are still failing to address Log4j — here’s why

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...
Bleeping Computer

Public interest in Log4Shell fades but attack surface remains

It’s been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat analysts warn that the application of the available fixes is ...
SDxCentral

Homeland Security Warns Log4j’s 'Endemic' Threats for Years to Come

"Log4j is an ‘endemic vulnerability’ and vulnerable instances of Log4j will remain in systems for many years to come," the Cyber Safety Review Board noted. The U.S. Department of Homeland Security ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
Dark Reading

DHS Review Board Deems Log4j an 'Endemic' Cyber Threat

The US Department of Homeland Security's Cyber Safety Review Board (CSRB) has concluded that the Apache Log4j vulnerability disclosed in December 2021 will remain a significant risk to organizations ...