Critical New 0-day Vulnerability in Popular Log4j Library Discovered | Read Blog

Ilkka Turunen

Ilkka serves as Field CTO at Sonatype. He is a software engineer with a knack for rapid web-development and cloud computing and with technical experience on multiple levels of the XaaS cake. Ilkka is interested in anything and everything, always striving to learn any relevant skills that help towards building Sonatype for success.

Helping The Open Source Community Find, Fix, and Remediate Log4j

By Ilkka Turunen on December 15, 2021 vulnerabilities
Assistance to protect the software supply chain from Log4j and other logging vulnerabilities. Open source intel, Pull Request Protection, SBOMs, and more.

Log4shell by the numbers- Why did CVE-2021-44228 set the Internet on Fire?

By Ilkka Turunen on December 14, 2021 vulnerabilities
What the download numbers tell us about the impact of the critical vulnerability CVE-2021-44228

Critical New 0-day Vulnerability in Popular Log4j Library Discovered  with Evidence of Mass Scanning for Affected Applications - Latest updates

By Ilkka Turunen on December 10, 2021 vulnerabilities
A serious 0-day Remote Code Execution exploit in log4j, the most popular java logging framework, was discovered today. Immediate action is needed from software maintainers.

The Central Repository Stands to Support Sailors from Bintray - 3 steps to take now to protect your builds from failing

By Ilkka Turunen on February 08, 2021 The Central Repository
We've created a practical guide for Bintray users migrating to the Central Repository to follow and ensure that use and distribution of open source components continues smoothly.

What Publishers Need to Know About Migrating from JCenter / Bintray to The Central Repository

By Ilkka Turunen on February 08, 2021 The Central Repository
A step-by-step guide publishers can follow to easily migrate from Bintray/JCenter to The Central Repository

GDPR Gets Teeth: British Airways and Marriott Fined

By Ilkka Turunen on July 09, 2019 devsecops
Fines levied at British Airways and Marriott International under GDPR show why data protection must be a central part of the software supply chain.

US Energy and Commerce Committee: 6 Strategies for Modern Cybersecurity Risks

By Ilkka Turunen on December 18, 2018 software bill of materials
On the 12th of December the Subcommittee on oversight and investigations released an additional report identifying the core strategies organisations can take to address modern cybersecurity risks.

3 steps to deal with the aftermath of the highjacked eslint-scope package

By Ilkka Turunen on July 13, 2018 npm
Yesterday at noon BST a new github issue was opened in the popular eslint repository on github. Someone had highjacked this package which stole user's credentials. Here's how to react to the

CVE-2017-17461 - Vulnerable or Not?

By Ilkka Turunen on May 31, 2018 security research
Security research team finds a vulnerability dismissed by others.