SiliconANGLE

How a true zero-trust architecture could have minimized the impact of Log4j – and still can

Just a few days ago, a zero-day vulnerability (CVE-2021-44228) was discovered in the well-known Apache Log4j logging library that allowed attackers full remote code execution. The Apache Software ...
Developer Tech

Log4j downloads shows supply chain wake-up call ignored

Ongoing vulnerable Log4j downloads suggest the supply chain crisis wasn't the wake-up call it should have been.
Diginomica

AWS outage, Log4j vulnerability provides harsh lessons in unknown dependencies

The recent AWS outage(s) and Log4j security holes should lead to enterprises drawing some broader lessons about dealing with complexity and dependencies in modern IT environments. In what is becoming ...
CSOonline

4 ways to properly mitigate the Log4j vulnerabilities (and 4 to skip)

A sure-fire way to prevent exploitation of Log4j vulnerabilities has yet to appear, but these actions are your best bet for reducing risk. The IT security community has been hard at work for the past ...