The Department of Homeland Security (DHS) has announced that the 'Hack DHS' program is now also open to bug bounty hunters willing to track down DHS systems impacted by Log4j vulnerabilities.

Internet companies scramble to fix the scary Log4j hack, but there’s not much end-users can do to reduce attack risks.

Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines.

Cybersecurity experts struggled Tuesday to answer lawmakers’ basic questions about the danger of a flaw in the open-source logging platform Apache Log4J that could plague computer network ...

New reports detailing the Log4j vulnerability say that nation-state hackers are already trying to take advantage of the security issue.

Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly and Homeland Security Secretary Alejandro Mayorkas announced the expansion of the "Hack DHS" bug bounty program ...

The Log4j flaw lets cyberattackers easily seize control of everything from industrial control systems to web servers and consumer electronics.

"Hack DHS" is the bug bounty program run by the agency, and "Log4j" is a super-popular logging package used by thousands of applications that was recently hit by a critical security exploit.

The Biden administration is turning its new Cyber Safety Review Board, formed in response to the hack known as “SolarWinds,” to the fresher problem of a critical vulnerability in log4j, the ...

The gargantuan crisis spurred by log4j isn’t over yet—not even close. Over the past week, new vulnerabilities have been discovered in the unfortunate Apache logging library (whose ubiquitous ...

Inital entry in the organizations was reportedly made using Log4Shell (CVE-2021-44228), a zero-day vulnerability in Log4j, a popular Java logging framework, which involves arbitrary code execution.