apache Archives

White House hosts open-source software security summit in light of expansive Log4j flaw

The meeting will combine tech leaders with feds.

Jan 13, 2022 By Tim Starks

Close-up of code on a computer screen for the Apache Struts framework, which was exploited by computer hackers using a Remote Code Execution exploit in order to allegedly steal the personal information of millions of people from credit bureau Equifax, Oct. 2, 2017. (Photo by Smith Collection/Gado/Getty Images)

If hackers are exploiting the Log4j flaw, CISA says we might not know yet

The agency harkened back to the long delay between vulnerability discovery and the Equifax breach.

Jan 10, 2022 By Tim Starks

The Log4j flaw is the latest reminder that quick security fixes are easier said than done

The complexity of addressing the Log4j vulnerability is immense.

Dec 21, 2021 By AJ Vicens

security, cybersecurity, lock, digital — (Getty Images)

CISA warns ‘most serious’ Log4j vulnerability likely to affect hundreds of millions of devices

CISA's director said that the vulnerability "is one of the most serious I've seen in my entire career, if not the most serious."

Dec 13, 2021 By Tim Starks

Apache spot — (Flickr/Drupal Foundation)

Apache alerts developers of remote code execution flaw

The two-year-old flaw could allow hackers to take control of unsuspecting developers' web servers.

Nov 7, 2018 By Zaid Shoorbajee

Apache Spot: open source big data analytics for cyber

An open source program that analyzes IT network flows and packet data at cloud scale to let defenders identify anomalous behavior has been donated to the Apache…

Sep 30, 2016