Tags log4j

China could be reviewing security bugs before tech companies issue patches, DHS official says

by Suzanne Smalley

This could give Beijing the upper hand when carrying out cyberattacks against the U.S. or its other digital adversaries.

DHS Cyber Safety Review Board found no evidence China knew of Log4j before disclosure

by Tonya Riley

The report suggests that even though risk still remains for unpatched organizations, a government-wide response helped drive mediation.

Hackers find 122 vulnerabilities — 27 deemed critical — during first round of DHS bug bounty program

by AJ Vicens

The findings, first reported by CyberScoop, come in the first of three phases for the DHS bug bounty program.

Google Cloud offers good news and bad news on Log4Shell, other issues

by AJ Vicens

Potential intruders are still scanning for the bug every day, but the company says many vendors have been on top of fixing vulnerable instances of Log4j software.

CISA's new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug

by Tonya Riley

Private-sector experts say that public-private threat sharing is key.

White House hosts open-source software security summit in light of expansive Log4j flaw

by Tim Starks

The meeting will combine tech leaders with feds.

TwitterFacebookLinkedInRedditGmail