China could be reviewing security bugs before tech companies issue patches, DHS official says
This could give Beijing the upper hand when carrying out cyberattacks against the U.S. or its other digital adversaries.
DHS Cyber Safety Review Board found no evidence China knew of Log4j before disclosure
The report suggests that even though risk still remains for unpatched organizations, a government-wide response helped drive mediation.
Hackers find 122 vulnerabilities — 27 deemed critical — during first round of DHS bug bounty program
The findings, first reported by CyberScoop, come in the first of three phases for the DHS bug bounty program.
Google Cloud offers good news and bad news on Log4Shell, other issues
Potential intruders are still scanning for the bug every day, but the company says many vendors have been on top of fixing vulnerable instances of Log4j software.
CISA's new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug
Private-sector experts say that public-private threat sharing is key.
White House hosts open-source software security summit in light of expansive Log4j flaw
The meeting will combine tech leaders with feds.