To help enterprise users dig up hidden cloud misconfigurations so as to avoid log4j-like catastrophic vulnerabilities, Orca Security has introduced a new cloud asset search option on its cloud ...

Cybersecurity professionals and IT vendors spent the weekend scrambling to shore up systems before hackers exploited a zero-day vulnerability in the popular Apache Log4j open source logging tool.

Log4Shell exploits are different in that they exploit a zero-day vulnerability that was not maliciously introduced by attackers. But Log4j is so ubiquitous that many vendors are susceptible to it, ...

Organizations are still exposed to critical vulnerabilities in Log4j, two years after a maximum severity bug was found in the popular utility, according to Veracode. The application security vendor ...