The UK’s National Cyber Security Centre is ending support for the LME project to divert resources to new initiatives designed to help protect the UK’s cyber infrastructure. Credit: Getty Images The UK’s National Cyber Security Centre (NCSC) has announced that it will be ending its support for the Logging Made Easy (LME) project from March 31, 2023. LME is an open-source project that pulls together multiple pieces of free software to provide basic logging of security information on enrolled Windows devices. Whilst it has been a useful tool for simplified entry to a security information and event management (SIEM) system for anyone managing a fleet of Windows-based device, the NCSC stated that this decision will allow it to divert resources to new initiatives designed to help protect the UK’s cyber infrastructure as part of the UK government’s National Cyber Strategy. The LME GitHub page will close shortly after March 31, 2023.UK businesses warned of risks of continued Logging Made Easy useIn a blog, the NCSC wrote that, after March 31, 2023, businesses that rely on LME have two options – to continue to use LME and self-maintain the installation or to move to an alternative logging solution. However, continued use carries notable risks, it added. “Although it might be tempting to continue using LME after NCSC support has ended, there are significant risks involved in doing so. Over time, it’s likely that vulnerabilities will be discovered in the libraries that LME uses. If you’re maintaining your own LME installation, you’ll need to make sure that all vulnerabilities are updated as soon as practicable. The NCSC previously carried out this work, for example with the Log4j vulnerabilities.” The NCSC therefore recommended that LME users migrate to alternative logging tools unless they are confident in their ability to manage the security updates.For businesses that decide to move on from LME and explore other open-source alternatives designed to help with security monitoring, the NCSC cited the following, non-commercial options).Alternative optionFurther informationSecurity OnionHas documentation to help use various log types, including integrating Sysmon for Windows networksElastic (ELK) StackHas documentation describing use of Elastic Agent to collect log data from systems, including WindowsWindows Event ForwardingUseful for larger organisations Related content news Is China waging a cyber war with Taiwan? Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports. By Gagandeep Kaur Dec 01, 2023 4 mins Cyberattacks Government Government news Apple patches info-stealing, zero day bugs in iPads and Macs The vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild. By Shweta Sharma Dec 01, 2023 3 mins Zero-day vulnerability feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff Dec 01, 2023 6 mins Technology Industry IT Skills Events news Conti-linked ransomware takes in $107 million in ransoms: Report A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks. By Jon Gold Nov 30, 2023 4 mins Ransomware Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe