The BIGGEST CVEs of Q1 2024: Get the quarterly report

Vulcan Cyber helped an enterprise payment platform reduce critical risk by 50% | Learn how >>

Vulcan Cyber named a RBVM Leader by The OMDIA Universe >>

Must read: The ultimate guide for Cyber Risk Quantification (CRQ) >>

How-to guide: The true impact of exploitable vulnerabilities for 2024 >>

GET A DEMO

The BIGGEST CVEs of Q1 2024: Get the quarterly report

Vulcan Cyber helped an enterprise payment platform reduce critical risk by 50% | Learn how >>

Vulcan Cyber named a RBVM Leader by The OMDIA Universe >>

Must read: The ultimate guide for Cyber Risk Quantification (CRQ) >>

How-to guide: The true impact of exploitable vulnerabilities for 2024 >>

GET A DEMO

Tag: log4j

How to properly tackle zero-day threats

Despite modern, cutting-edge security technologies, cyber crime is still rampant, as attackers continue to find ways to gain unauthorized access to systems. Though the majority of software products today are built with security by design, system complexities and integrations with multiple products can introduce new verticals to the threat landscape. Zero-days—new, unknown threats—add yet another… Continue reading How to properly tackle zero-day threats

Memory-safe languages and more: first officer’s blog – week 26

First Officer’s log, Terrestrial date, 20221121. Officer of the Deck reporting.   Our work at Frontier Station [REDACTED] has been proceeding as expected. While the station used a range of tools across their departments, some standard, some decidedly not, and some built on the fly by the local engineering team to meet specific needs, we are… Continue reading Memory-safe languages and more: first officer’s blog – week 26

First officer’s log – week 1

First Officer’s log, Terrestrial date, 05232022.  Officer of the Deck reporting.  We’ve had another active week, with several stories getting our attention and the following are four of the most interesting.  CISA’s CVE backtrack  What happened  CISA has temporarily removed CVE-2022-26925 from the Known Exploited Vulnerability Catalog due to some unforeseen issues when it’s deployed… Continue reading First officer’s log – week 1

DevSecOps best practices for vulnerability management in the cloud

With DevSecOps best practices, teams can remain on top of their security controls while taking full advantage of everything the cloud has to offer. A growing trend in the cloud ecosystem, DevSecOps brings the security mindset to modern cloud-native applications. While it may sound simple, securing a cloud environment with distributed applications is not so… Continue reading DevSecOps best practices for vulnerability management in the cloud

Operational challenges in mitigating log4j

2021 left a final, chaotic surprise for the cyber security community with the unprecedented critical zero day log4j vulnerabilities. The remediation scramble in the immediate aftermath brought significant operational challenges. Teams worldwide were suddenly caught off-guard, working around the clock to fix a vulnerability nobody saw coming. Here are some of the key logistical and… Continue reading Operational challenges in mitigating log4j

Security deserves more: a cyber risk message for 2022

2021 saw a record number of reported vulnerabilities and mounting security debt. We’ve migrated to the cloud, implemented new technologies, and are working more remotely than ever. Not to mention the year’s vicious parting gift – the critical zero day log4j vulnerabilities.  The pace and scale of the tech we adopt mean that attack surfaces… Continue reading Security deserves more: a cyber risk message for 2022

Log4shell Mitigation Actions | How to fix CVE-2021-44228 in Production Environments

Note on CVE-2021-44228 and CVE-2021-45046: On December 14, 2021, Apache foundation released a new advisory for patching new CVE-2021-45046. This new security advisory instructs Log4j users to update their libraries’ versions to either 2.16.0 or 2.12.2 (depends on the Java version). Fortunately, the solutions described below address both CVE-2021-44228 and CVE-2021-45046, without the need to… Continue reading Log4shell Mitigation Actions | How to fix CVE-2021-44228 in Production Environments

CVE-2021-44228: How to fix the critical zero day Log4shell vulnerability

Note on Log4shell: On December 14, 2021 Apache foundation released a new advisory for patching new CVE-2021-45046. This new security advisory instructs Log4j users to update their libraries’ versions to either 2.16.0 or 2.12.2 (depends on the Java version). If you are about to follow the vendors’ advisories and update your product – great –… Continue reading CVE-2021-44228: How to fix the critical zero day Log4shell vulnerability

PLATFORM

Platform Overview

Connectors

Vulcan Free

Pricing

Compare

Vulnerability Aggregation

Vulnerability Correlation

Vulnerability Intelligence

Vulnerability Prioritization

Management Orchestration

Collaborative Security

Risk Reporting

SOLUTIONS

Exposure Management

Risk-Based Vulnerability Management

Application Vulnerability Management

Cloud Vulnerability Management

Financial Services

Federal Organizations

MSSPs

CYBER RISK HUB

Blog

Resources

Vulnerability Management Basics

Voyager18 Research

MITRE Mapper

CyberRisk Summit

COMPANY

About

Careers

Become a Partner

Deal Registration

Awards and Recognition

Contact Us

REQUEST A DEMO

Copyright © 2024 Vulcan Cyber. All rights reserved. Privacy Policy | Terms of Use

Got risk? scary hacker with a mask