The US Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) first report on the December 2021 Log4j event, where a number of vulnerabilities were reported with this Java-based logging framework.