Don’t Take the Cyber Safety Review Board’s Log4j Report at Face Value

The most significant finding in the Cyber Safety Review Board’s voluminous analysis of the Log4j vulnerability is what it didn’t observe.
The board is “not aware of any significant Log4j-based attacks on critical infrastructure systems.” Also, “exploitation of Log4j occurred at lower levels than…

Source: www.darkreading.com – Read more