Top Tech Companies Struggling To Patch Log4j Flaw

Share post:

Tech companies such as Cisco Systems, IBM, VMware, and Splunk are still struggling to install patches that fix the Log4j vulnerability, which was recently discovered by researchers and exploited by attackers.

The Log4j flaw has been fixed by Apache. However, since many programs use the free logger, it is necessary that many organizations also prepare and install patches to prevent takeovers.

This includes other free software and programs from both big and small companies.

Currently, some technology companies, including Cisco are updating guidance several times a day, while confirming vulnerabilities, available patches, or strategies for blocking intrusion when they occur.

Based on observations and companies’ struggles to patch their systems, Kevin Beaumont, security threat analyst, explained: “Lots of vendors are without security patches for this vulnerability. Software vendors need to have better, and public, inventories around open-source software usage so it is easier to assess risk – both for themselves and their customers.”

For more information, read the original story in Reuters.

Featured Tech Jobs


Related articles

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

UK leads takedown of LockBit ransomware gang’s website

The LockBit ransomware gang’s website has been seized, several news agencies reported late Monday. The Reuters news agency and The Register are carrying stories based on a new splash screen that has appeared on the gang’s website. It says, “This site is now under the control of the National Crime Agency of the UK, working

Cyber Security Today, Feb. 19, 2024 – Fake police data breach notification fools Maine’s AG site

This episode reports a recent fake data breach report and two real ones, a man pleads guilty to being involved in malware distribution

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways