Companies are still wrestling with widespread Log4j flaw, one year later

  • 📰 axios
  • ⏱ Reading Time:
  • 37 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 18%
  • Publisher: 63%

United States News News

United States United States Latest News,United States United States Headlines

A year after one of the most widespread security vulnerabilities in recent history was exposed, companies are still wrestling with how to patch the flaw — or with determining if they were affected at all.

, with funding from Microsoft and Google, to provide more security tools to open-source software developers, who often run their projects in their spare time and lack the resources to stay on top of security flaws.It's up to companies to put in the work to determine which systems are still running a vulnerable version of Log4j, Mark J. Cox, Apache Software Foundation vice president of security, told Axios.

Synack CEO Jay Kaplan told Axios that while some organizations continue to invest resources in sifting through their products to determine where vulnerable versions of Log4j could be, others aren't "taking it seriously." "This reinforces that certain software is critical and ubiquitous enough that it's everywhere and in places that people don't know about," said Dan Lorenc, founder and CEO of supply chain security firm Chainguard. "The unknown unknowns are the ones that are problematic here.""Unfortunately, we're still in a pretty bad place," Kaplan said. "These vulnerabilities are being taken advantage of all over the world. We have to do better.

 

Thank you for your comment. Your comment will be published after being reviewed.
Please try again later.

In other news: Shadow banning against Conservatives on Twitter was real. Not a 'Right wing conspiracy theory'

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

 /  🏆 302. in US

United States United States Latest News, United States United States Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Customers are going to pay more as central Pa. electric, gas companies raise ratesJust like everything else these days, paying for gas and electric might become more expensive for you this winter. It isn't just like everything else. Crazy energy policies driving up all energy prices are a major contributor to the higher prices of everything else. Thanks to Wolf. Shapiro will finish robbing Pennsylvanians of their hard earned money. I hope everyone who voted for Biden can't afford to heat their home
Source: PennLive - 🏆 463. / 53 Read more »

U.S. blacklists companies for aiding Russian militaryThe Biden administration on Wednesday added 24 companies and other entities to an export control list for supporting Russia’s military or defense industrial base, Pakistan's nuclear activities or for supplying an Iranian electronics company. Wonder how long before 5 Columnists Trump Traitors arrive suppoting the USA and the West Enemy Putin Dirty Traitors. All the scammers also hyjacking this post show that Twitter has gone to shit since Elon Mask sacking all Twitter personal as these scammers are out of control on Twitter.
Source: Reuters - 🏆 2. / 97 Read more »

U.S. presses UN not to update list of companies operating in Israeli settlementsSCOOP: The Biden admin is pressing the UN's human rights chief not to update the list of companies operating in the Israeli settlements in the occupied West Bank. More death of peaceful protesters in Bangladesh ahead of a planned rally on December 10. Unelected, fascist Bangladeshi regime started a murderous wave of shooting of peaceful protesters. At least two protesters were shot dead using military grade assault rifle and armored van. It’s not “occupied.”
Source: axios - 🏆 302. / 63 Read more »

Congressional Report: Financial Technology Companies Fueled Billions in PPP FraudA congressional report has found that obscure financial technology companies 'with little to no oversight from lenders' have fueled rampant Paycheck Protection Program (PPP) fraud. The report estimates a total fraud of about $64 billion, with fintechs contributing significantly to that total. geez. Another fintech scandal . Jim_Jordan Recovering fraudulently obtained PPP funds would be a good job for a couple hundred IRS agents (not 87k). So would investigating Medicare/Medicaid fraud. Govt needs to stop throwing taxpayer money away.
Source: BreitbartNews - 🏆 610. / 51 Read more »

Five companies win California offshore wind energy leasesThe companies bid a total of $757.1 million for the 373,268 acres of ocean spaces where floating wind turbines can be erected to generate up to 4.5 gigawatts of electricity. Bird Holocaust.
Source: mercnews - 🏆 88. / 68 Read more »

This chart shows how companies have gone quieter on cryptoThere were 146 corporate conference calls mentioning cryptocurrency and other related terms in the first two months of the fourth quarter, below the counts seen in the first two months of the prior three quarters, data showed.
Source: MarketWatch - 🏆 3. / 97 Read more »