Tags log4shell

'Spring4Shell' bug in framework for Java programming draws widespread warnings

by Joe Warminsky • 3 months ago

Web applications created in the Spring platform could leave users open to remote code execution, CISA and others are warning.

In studying tech supply chain, feds cite open source products, device firmware

by Joe Warminsky • 4 months ago

The White House ordered Commerce and Homeland Security to examine weak spots in how the IT and communications industries produce hardware and software.

Google Cloud offers good news and bad news on Log4Shell, other issues

by AJ Vicens • 4 months ago

Potential intruders are still scanning for the bug every day, but the company says many vendors have been on top of fixing vulnerable instances of Log4j software.

CISA's new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug

by Tonya Riley • 5 months ago

Private-sector experts say that public-private threat sharing is key.

Chinese hackers use Log4j exploit to go after academic institution

by Tonya Riley • 6 months ago

The attack is the latest strike by Chinese hackers using Log4j.

CISA, Five Eyes issue guidance meant to slow Log4Shell attacks

by Tonya Riley • 6 months ago

The joint agencies "assess that exploitation of these vulnerabilities, especially Log4Shell, is likely to increase and continue over an extended period."