The Cybersecurity and Infrastructure Security Agency (CISA) sent out an emergency directive on Friday, requiring federal civilian departments and agencies to immediately patch their internet-facing ...

The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), Canadian ...

Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.

The top U.S. cybersecurity officials have called the Log4j vulnerability one of the most serious security flaws in decades. The Common Vulnerability Scoring System (CVSS), which rates the severity of ...

The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 22-02 today requiring federal civilian departments and agencies to assess their internet-facing network ...

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...

The fallout from the Apache Log4j vulnerability continues as researchers discover a second exploit that could lead to denial-of-service attacks. A patch is available to fix the issue. A second ...

The Federal Trade Commission warned of potential legal consequences for companies that fail to protect consumer data and mitigate known software vulnerabilities amid fallout from the widespread Log4j ...

Get the latest federal technology news delivered to your inbox. House Energy and Commerce Committee Leaders sent letters on Wednesday to several federal agencies requesting briefings to address ...

A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability, CVE ...