Apache - Security Intelligence

Risk Management February 24, 2023

With 40% of Log4j downloads still vulnerable, security retrofitting needs to be a full-time job

4 min read - Vulnerabilities like Log4j remain responsible for security breaches a full year after the discovery of the flaw. In the months after widespread reporting about the vulnerability, 40% of Log4j downloads remained vulnerable to exploitation. Rapid response — by both security…

Risk Management January 23, 2023

Log4j forever changed what (some) cyber pros think about OSS

4 min read - In late 2021, the Apache Software Foundation disclosed a vulnerability that set off a panic across the global tech industry. The bug, known as Log4Shell, was found in the ubiquitous open-source logging library Log4j, and it exposed a huge swath…

X-Force December 12, 2021

How Log4j Vulnerability Could Impact You

4 min read - Get the latest on the vulnerability dubbed "Log4Shell," a remote code execution vulnerability.

November 26, 2019

Exploit Code Escalates Apache Solr Vulnerability To ‘High Risk’ Status

2 min read - New exploit code has led researchers to reclassify a security threat aimed at the Linux enterprise search tool Apache Solr to "high severity status."

Application Security January 4, 2019

New Year, New Risks: 3 Application Security Resolutions You Should Adopt in 2019

5 min read - To ring in the new year, application security teams should resolve to implement more security into the development process, prioritize consumer trust and pay more attention to false negatives.

September 14, 2018

Mirai and Gafgyt IoT Malware Now Targeting SonicWall’s GMS and Apache Struts Exploits

< 1 min read - Malware authors have released modified versions of the Mirai and Gafgyt IoT malware that are capable of targeting vulnerabilities affecting SonicWall's GMS and Apache Struts.

Software Vulnerabilities October 17, 2017

Don’t Just Put Out the Zero-Day Fire — Get Rid of the Fuel

5 min read - The best way to remediate zero-day threats is to focus on proactively assessing and patching the vulnerabilities that facilitate them.

Endpoint September 25, 2017

Worried About Apache Struts? Stay One Step Ahead of Endpoint Attacks

2 min read - Security teams needs advanced visibility into all endpoints across the organization to prevent endpoint attacks such as the recent Apache Struts exploit.

September 11, 2017

Speedy Security Breach: Threat Actors Develop Apache Exploit Within Hours of Disclosure

2 min read - Even with a patch available for the new Struts vulnerability, threat actors developed new exploits within hours and coordinated security breach attacks.

June 20, 2017

Hidden PHP Rootkits Unearthed, Putting Apache Modules at Risk

2 min read - A security researcher discovered how to create malicious Apache modules, giving cyberattackers a new way to tap into and control web servers.

Popular tags

| | | | | | | | | | |

Failed to load data

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.

Subscribe today

Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

Cybersecurity News By Topic By Industry Exclusive Series X-Force Podcast Events Contact About Us

Follow us on social

© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences