U.S. Federal Trade Commission issues notice regarding Apache’s Log4j vulnerabilities. FTC: Organizations failing to mitigate against the vulnerabilities may face legal action. Vulnerability in Java logging package poses a risk to millions, or hundreds of millions, of products, enterprise software and web applications, officials have warned. Officials at the FTC confirm that the “vulnerability is being widely exploited by a growing set of attackers” Last week, CrowdStrike reported that its threat hunting unit denied a Log4J-based attack on “a large academic institution””]