Log4Shell

Protestware on the rise: Why developers are sabotaging their own code

Ax Sharma Contributor Share on Twitter Ax Sharma is a security researcher and reporter. His areas of interest include open source software security, malware analysis, data breaches and scam investigat

GreyNoise to expand its threat intel collection after securing $15M in funding

GreyNoise Intelligence, a Washington, D.C.-based cybersecurity startup that analyses internet scanning traffic to help organizations separate threats from internet “background noise,” has

Tech giants pledge $30M to boost open source software security

Tech giants including Amazon, Google and Microsoft have pledged millions of dollars to bolster the security of open source software. The pledge was made during a meeting in Washington, DC last week, w

Study: 30% of Log4Shell instances remain unpatched

Considering recent APT41 attacks, organizations that continue to leave the Log4Shell flaw unaddressed are hitting the snooze button when it comes to the wake-up calls from attackers.

China-backed APT41 compromised ‘at least’ six US state governments

The prolific China APT41 hacking group, known for carrying out espionage in parallel with financially motivated operations, has compromised multiple U.S. state government networks, according to cybers

Why are cybersecurity asset management startups so hot right now?

The proliferation of new asset types, along with the widespread shift to remote work, has resulted in assets becoming more highly distributed, making them even more difficult to manage and inventory.

Vicarius raises $24M to build out its vulnerability remediation platform

Vicarius, a New York-based startup that has developed an autonomous vulnerability remediation platform, has raised $24 million in Series A funding to protect organizations from the next major supply-c

FTC warns of legal action against organizations that fail to patch Log4j flaw

U.S. organizations that fail to secure customer data against Log4Shell, a zero-day vulnerability in the widely used Log4j Java logging library, could face legal repercussions, the Federal Trade Commis

The race is on to patch Log4Shell, the bug that’s breaking the internet

Security teams around the globe are scrambling to fix Log4Shell, a critical security flaw in Log4j, an open source logging software that’s found practically everywhere from online games to enter