Month: December 2021
The metaphor of “capture the flag” is ubiquitous in cybersecurity. It epitomizes the adversarial notion of having something…
December 22, 2021
Amid the focus on Log4j while patching CVE-2021-44228, a JNDI injection RCE vulnerability, Apache has released 2.16.0 which disables JNDI by default and removes support for Message lookups in order to fix a newly discovered denial of service vulnerability.
December 14, 2021
Updates and recommended guidance for identifying vulnerable servers and mitigating exploit attempts.
December 13, 2021
A high-severity zero-day has been uncovered in Apache Log4j which could allow a log injection RCE exploit.
December 10, 2021
Two new vulnerabilities discovered in Zoom Client for Meetings allow arbitrary code execution and exposed process memory. Updates…
December 8, 2021