One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 8295482 |
| Date de publication | 2022-12-28 02:00:00 (vue: 2022-12-28 10:05:40) |
| Titre | Log4Shell remains a big threat and a common cause for security breaches |
| Texte | The Log4Shell critical vulnerability that impacted millions of enterprise applications remains a common cause for security breaches a year after it received patches and widespread attention and is expected to remain a popular target for some time to come. Its long-lasting impact highlights the major risks posed by flaws in transitive software dependencies and the need for enterprises to urgently adopt software composition analysis and secure supply chain management practicesLog4Shell, officially tracked as CVE-2021-44228, was discovered in December 2021 in Log4j, a widely popular open-source Java library that's used for logging. Initially disclosed as a zero-day, the project's developers quickly created a patch, but getting that patch widely adopted and deployed proved challenging because it relies on developers who used this component in their software to release their own updates.To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | 2021 44228 adopt adopted after analysis applications article attention because big breaches but cause chain challenging click come common component composition created critical cve day december dependencies deployed developers disclosed discovered enterprise enterprises expected flaws full getting here highlights impact impacted initially its java lasting library log4j log4shell logging long major management millions need officially open own patch patches please popular posed practiceslog4shell project proved quickly read received release relies remain remains risks secure security software some source supply target that threat time tracked transitive updates urgently used vulnerability who widely widespread year zero |
| Tags | Vulnerability Threat |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.