Log4j

Study: 30% of Log4Shell instances remain unpatched

Considering recent APT41 attacks, organizations that continue to leave the Log4Shell flaw unaddressed are hitting the snooze button when it comes to the wake-up calls from attackers.

China-backed APT41 compromised ‘at least’ six US state governments

The prolific China APT41 hacking group, known for carrying out espionage in parallel with financially motivated operations, has compromised multiple U.S. state government networks, according to cybers

4 basic elements required for running production OSS smoothly

Companies need to put many elements in place to use OSS in production smoothly. Here’s how to get started.

Bug bounty giant HackerOne lands $49M, thanks to cloud adoption boon

Bug bounty and penetration testing startup HackerOne has raised a $49 million Series E following a year of massive cloud adoption fueled by work-from-home orders. The company — which mediates betwee

A CISO’s playbook for responding to zero-day exploits

We keep calling every new zero-day exploit a “wake up call,” but all we have been doing is collectively hitting the snooze button.