The widely used Java-based logging library, Log4j, has a critical vulnerability (CVE-2021-44228), also known as Log4Shell, that allows hackers to inject malicious code into log messages, leading to unauthorized access to systems. This could lead to data breaches, remote code execution, and control over servers. The issue affects many industries and organizations, making it a severe and widespread cybersecurity threat.
US CISA unveils draft update to National Cyber Incident Response Plan – Dig Watch Updates
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a draft update to the National Cyber Incident Response Plan. The plan aims to improve