(Getty Images) White House hosts open-source software security summit in light of expansive Log4j flaw The meeting will combine tech leaders with feds. Jan 13, 2022 By Tim Starks
Close-up of code on a computer screen for the Apache Struts framework, which was exploited by computer hackers using a Remote Code Execution exploit in order to allegedly steal the personal information of millions of people from credit bureau Equifax, Oct. 2, 2017. (Photo by Smith Collection/Gado/Getty Images) If hackers are exploiting the Log4j flaw, CISA says we might not know yet The agency harkened back to the long delay between vulnerability discovery and the Equifax breach. Jan 10, 2022 By Tim Starks
(THOMAS SAMSON/AFP via Getty Images) The Log4j flaw is the latest reminder that quick security fixes are easier said than done The complexity of addressing the Log4j vulnerability is immense. Dec 21, 2021 By AJ Vicens
(Getty Images) CISA warns ‘most serious’ Log4j vulnerability likely to affect hundreds of millions of devices CISA's director said that the vulnerability "is one of the most serious I've seen in my entire career, if not the most serious." Dec 13, 2021 By Tim Starks
(Flickr/Drupal Foundation) Apache alerts developers of remote code execution flaw The two-year-old flaw could allow hackers to take control of unsuspecting developers' web servers. Nov 7, 2018 By Zaid Shoorbajee
(Flickr/Drupal Foundation) Apache Spot: open source big data analytics for cyber An open source program that analyzes IT network flows and packet data at cloud scale to let defenders identify anomalous behavior has been donated to the Apache… Sep 30, 2016