Rapid7 has found a spring framework vulnerability called Spring4Shell As usual a new vulnerability requires risk management to be reassessed. https://nvd.nist.gov/vuln/detail/CVE-2022-22965 Leads to https://tanzu.vmware.com/security/cve-2022-22965 Which says the following…
Do you have an APC UPS(Uninterruptible Power Supply)? (Image above from Armis Research) I do not know which devices actually have these vulnerabilities, assuming Armis research is correct then it…
From Brian Krebs’ KrebsonSecurity website: On Jan. 19, the ICRC disclosed the compromise of servers hosting the personal information of more than 500,000 people receiving services from the Red Cross…
Due to an actively exploited zero-day vulnerability: https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html This bug is a 10 of 10 on the CVSS rating from the article a snippet: Tracked as CVE-2021-44228 and by the…
Yes The hackers that just hacked the FBI email server only spammed thousands of email addresses and all they did was embarrass the FBI. The Criminal Justice Information Services division…
