The US Federal Trade Commission (FTC) warned in an announcement on Tuesday that it will go after any US company that fails to secure its users’ data against ongoing Log4j attacks. “The FTC intends to use its full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as […]

We're back for 2022 - listen now!

Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!

The FTC will pursue companies that fail to take steps to protect consumer data from exposure due to Log4j, officials report.

NYC area IT security consultant draws insight from the major 2021 cyber attacks to prepare the organization and prevent cyber attacks in 2022—in a new article from eMazzanti Technologies

(PRWeb January 05, 2022)

Read the full story at https://www.prweb.com/releases/prevent_cyber_attacks_in_2022_using_lessons_from_the_major_2021_attacks/prweb18419413.htm

Microsoft says vulnerabilities present a "real and present" danger, citing high volume of scanning and attack activity targeting the widely used Apache logging framework.

The Software Composition Analysis leader now offers a remediation preset for WhiteSource Renovate and Enterprise, enabling users to identify and fix the Log4j vulnerability from hundreds of downstream dependent packages of Log4j.

Security pros say the Log4j vulnerability is another warning call for enterprises to get more disciplined when keeping track of software bills of materials.

Microsoft Defender for Endpoint has shown “sensor tampering alerts” linked to the company’s new Microsoft 365 scanner for Log4j processes. The alerts are reportedly shown mainly on Windows Server 2016 systems and warn of “possible sensor tampering in memory was detected by Microsoft Defender for Endpoint” created by an OpenHandleCollector.exe process. According to customer reports, Microsoft […]

It's a Log4j bug, and you ought to patch it. But we don't think it's a critical crisis like the last one.

Over 80% of Java packages stored on Maven Central Repository have Log4j as an indirect dependency, with most of them burying the vulnerable version five levels deep, says Google's Open Source Insights Team.

Severe flaws in Microsoft Exchange and Windows Print Spooler stood out amid a wide range of vulnerabilities security teams were forced to prioritize in 2021.