CISA issues emergency directive on vulnerabilities of Log4j.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 21 December 2021, 0527 UTC.

Content provided by “DarkReading.com.”

Source:  https://mail.google.com/mail/u/0/?ogbl#inbox/FMfcgzGllVphRhvdPtsPRBcvXGshWCQh

Please click link or scroll down to read your selections.

Follow Dark Reading:
 December 20, 2021
LATEST SECURITY NEWS & COMMENTARY
CISA Issues Emergency Directive on Log4j
The Cybersecurity Infrastructure and Security Agency orders federal agencies to take actions to mitigate vulnerabilities to the Apache Log4j flaw and attacks exploiting it.
PseudoManuscrypt Malware Targeted Government & ICS Systems in 2021
The “PseudoManuscrypt” operation infected some 35,000 computers with cyber-espionage malware and targeted computers in both government and private industry.
Meta Acts Against 7 Entities Found Spying on 50,000 Users
The parent company of Facebook and Instagram has warned some 50,000 account holders they are targets of surveillance.
Is Data Security Worthless if the Data Life Cycle Lacks Clarity?
If you cannot track, access, or audit data at every stage of the process, then you can’t claim your data is secure.

MORE NEWS / MORE COMMENTARY

HOT TOPICS
Log4Shell: The Big Picture
A look at why this is such a tricky vulnerability and why the industry response has been good, but not great.
Dear Congress: It’s Complicated. Please Consider This When Crafting New Cybersecurity Legislation
As mandatory reporting bills work their way through the halls of Congress, what should businesses do to prepare for this pending legislation?

MORE

MORE ON LOG4J
Timely Questions for Log4j Response Now — And for the Future
EXPERT INSIGHT: How to assess your exposure to the vulnerability with a combination of asset inventory, testing, solid information sources, and software bills of materials (SBOMs).
How Risky Is the Log4J Vulnerability?
Security teams around the world are on high alert dealing with the Log4j vulnerability, but how risky is it, really?
Why Log4j Mitigation Is Fraught With Challenges
The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an organization’s own networks and systems.
Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
Organizations should upgrade ASAP to new version of logging framework released Tuesday by the Apache Foundation, security experts say.
LATEST FROM THE EDGE
Executive Partnerships Are Critical for Cybersecurity Success
One leader alone can’t protect an organization from cyber threats, C-suite leaders agree.
LATEST FROM DR TECHNOLOGY
Mobile App Developers Keep Fraudulent Traffic at Bay with Anti-Fraud API
The new API and SDK from Pixalate helps mobile developers avoid getting their apps delisted from app stores by detecting and blocking fraudulent traffic.
Tech Resources
ACCESS TECH LIBRARY NOW
  • Beyond Spam and Phishing: Emerging Email-based ThreatsEven as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, …
  • Cloud Security Strategies for Today’s EnterprisesThe typical enterprise relies on dozens, even hundreds, of cloud applications and services sprawled across different platforms and service providers. Security teams need to shoulder the responsibility of coordinating security and incident response and not leave it up to individual …
MORE WEBINARS
FEATURED REPORTS
MORE REPORTS
CURRENT ISSUE
How Data Breaches Affect the Enterprise
DOWNLOAD THIS ISSUE SUBSCRIBE NOW
BACK ISSUES | MUST READS | TECH DIGEST
PRODUCTS & RELEASES

For rhe latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.