December 2021 Archives

A Data Security Primer

A high level guide to various methods for securing and protecting data in its many forms.

December 22, 2021 16:42 GMT

Apache Releases Log4j 2.16.0 to Patch Lingering DoS Vulnerability

Amid the focus on Log4j while patching CVE-2021-44228, a JNDI injection RCE vulnerability, Apache has released 2.16.0 which disables JNDI by default and removes support for Message lookups in order to fix a newly discovered denial of service vulnerability.

December 14, 2021 19:39 GMT

Log4j/Log4Shell Updates and Recommended Guidance

Updates and recommended guidance for identifying vulnerable servers and mitigating exploit attempts.

December 13, 2021 20:18 GMT

Apache Log4j Zero-Day Exposes Java Applications to RCE

A high-severity zero-day has been uncovered in Apache Log4j which could allow a log injection RCE exploit.

December 10, 2021 18:45 GMT

Multiple Vulnerabilities Discovered in Zoom Client

Two new vulnerabilities discovered in Zoom Client for Meetings allow arbitrary code execution and exposed process memory. Updates…

December 8, 2021 17:50 GMT

Hand-Picked Top-Read Stories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

What Happened To The Internet Archive?

Trending Tags

Month: December 2021

A Data Security Primer

Apache Releases Log4j 2.16.0 to Patch Lingering DoS Vulnerability

Log4j/Log4Shell Updates and Recommended Guidance

Apache Log4j Zero-Day Exposes Java Applications to RCE

Multiple Vulnerabilities Discovered in Zoom Client

Threat Advisories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

Weekly Top 10: 11.11.2024: Veeam Backup Exploit Used by Frag Ransomware; North Korean Hackers Use macOS Malware to Steal Crypto; Palo Alto PAN-OS May be Vulnerable to RCE, and More.

Weekly Top 10: 11.04.2024: Android Malware ‘FakeCall’ Hijacks Outgoing Calls; PTZ Cameras Being Targeted Using Two Zero-Days; Hacker Group TeamTNT Targets Docker Environments, and More.

Weekly Top 10: 10.28.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The Phantom Meet; Firm Hacked After Accidentally Hiring North Korean Cyber Criminal, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware