Bleeping Computer

‘Hack DHS’ bug bounty program expands to Log4j security flaws

The Department of Homeland Security (DHS) has announced that the 'Hack DHS' program is now also open to bug bounty hunters willing to track down DHS systems impacted by Log4j vulnerabilities. "In ...
CSOonline

Orca’s new LLM tool to help detect Log4j-like exploits

To help enterprise users dig up hidden cloud misconfigurations so as to avoid log4j-like catastrophic vulnerabilities, Orca Security has introduced a new cloud asset search option on its cloud ...
Security

Log4j: Five guidelines for detection and prevention

On Dec. 9, the Apache Software Foundation issued a Log4j security alert that a vulnerability (CVE-2021-44228), aka Log4Shell, allows unauthenticated users to remotely execute or update software code ...