New Google vulnerability: Learn about zero-day CVE-2022-3075 in Chorme web browser  | Fix now >> 

The CyberRisk Summit on-demand: Watch the latest #CRS anytime, anywhere | Watch now  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

Operational challenges in mitigating log4j

2021 left a final, chaotic surprise for the cyber security community with the unprecedented critical zero day log4j vulnerabilities. The remediation scramble in the immediate aftermath brought significant operational challenges. Teams worldwide were suddenly caught off-guard, working around the clock to fix a vulnerability nobody saw coming. Here are some of the key logistical and… Continue reading Operational challenges in mitigating log4j

Log4shell Mitigation Actions | How to fix CVE-2021-44228 in Production Environments

Note on CVE-2021-44228 and CVE-2021-45046: On December 14, 2021, Apache foundation released a new advisory for patching new CVE-2021-45046. This new security advisory instructs Log4j users to update their libraries’ versions to either 2.16.0 or 2.12.2 (depends on the Java version). Fortunately, the solutions described below address both CVE-2021-44228 and CVE-2021-45046, without the need to… Continue reading Log4shell Mitigation Actions | How to fix CVE-2021-44228 in Production Environments