
A new government-industry board stood up earlier this year to assess major cybersecurity events and make related recommendations has published its first ever report, which warns that the Log4j open-source software used in millions of information systems worldwide contains a serious vulnerability discovered in late 2021 that will persist for years but so far there appear to be no major attacks on critical infrastructures due to the security flaw. Still, the report by the Cyber Safety Review Board (CSRB) suggests…