Log4Shell

Current Dependency Vulnerabilities Giving Us PTSD

Lately, it seems we’re all plagued by zero-day and dependency-related vulnerabilities. Log4Shell had everyone scrambling in 2021, and…

October 17, 2023 09:35 GMT

Weekly Top Ten Cybersecurity Stories – 9.2.2022

Lockbit DDoS Triple Extortion, LastPass source code breach, Log4Shell continues to be used as initial access vector, cookie stuffing.

September 2, 2022 15:29 GMT

Log4j New Year Wrap-Up

One month into the Log4j vulnerability, we take a look at the 3 CVEs and their fixes, known exploits being observed in the wild, and a way forward in dealing with the ubiquitous and targeted Java library.

January 7, 2022 01:15 GMT

Apache Releases Log4j 2.16.0 to Patch Lingering DoS Vulnerability

Amid the focus on Log4j while patching CVE-2021-44228, a JNDI injection RCE vulnerability, Apache has released 2.16.0 which disables JNDI by default and removes support for Message lookups in order to fix a newly discovered denial of service vulnerability.

December 14, 2021 19:39 GMT

Hand-Picked Top-Read Stories

Weekly Top 10: 11.25.2024: Critical Flaw in End-of-Life D-Link VPN Routers; Actively Exploited RCE Flaw Impacting VMware vCenter; Russian Linked Threat Actor Linked in Cyber Espionage Campaign, and More.

Why is DDoS Still So Effective After 20 Years?

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Trending Tags

Log4Shell

Current Dependency Vulnerabilities Giving Us PTSD

Weekly Top Ten Cybersecurity Stories – 9.2.2022

Log4j New Year Wrap-Up

Apache Releases Log4j 2.16.0 to Patch Lingering DoS Vulnerability

Threat Advisories

Weekly Top 10: 11.25.2024: Critical Flaw in End-of-Life D-Link VPN Routers; Actively Exploited RCE Flaw Impacting VMware vCenter; Russian Linked Threat Actor Linked in Cyber Espionage Campaign, and More.

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

Weekly Top 10: 11.11.2024: Veeam Backup Exploit Used by Frag Ransomware; North Korean Hackers Use macOS Malware to Steal Crypto; Palo Alto PAN-OS May be Vulnerable to RCE, and More.

Weekly Top 10: 11.04.2024: Android Malware ‘FakeCall’ Hijacks Outgoing Calls; PTZ Cameras Being Targeted Using Two Zero-Days; Hacker Group TeamTNT Targets Docker Environments, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware