The gargantuan crisis spurred by log4j isn’t over yet—not even close. Over the past week, new vulnerabilities have been discovered in the unfortunate Apache logging library (whose ubiquitous ...
The Federal Trade Commission has a message for companies that aren’t taking the threat posed by log4j to heart: Patch up or lawyer up. Consider yourselves warned. By now, you’ve surely heard of the ...
Vulnerability disclosures often come in bunches, and unvetted patch updates can create their own problems. Here's how to assess and prioritize both. The past few weeks left IT professionals ...
Facepalm: The Log4J exploits that have been plaguing server administrators for the past week continue as the patch issued to block the intrusions appears to have security flaws of its own. Some ...