Real Story of Log4J
Affected Software A significant number of Java-based applications are using log4j as their logging utility and are vulnerable to this CVE. To the best of our knowledge, at least the…
Log4J has been fixed by Apache Software foundation
Due to an actively exploited zero-day vulnerability: https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html This bug is a 10 of 10 on the CVSS rating from the article a snippet: Tracked as CVE-2021-44228 and by the…
SolarWinds Hack and CISA(Government Agency) Directive Common Theme
2 stories from the Hacker News: Solar Winds Hackers Targeting Government and Why everyone needs to take the latest CISA directive seriously The Solarwinds hack from last year (the one…
Unpatched Exchange Server Sends Phishing Emails That Look Legitimate
Certitute has a story that shows what happens when you decide for one reason or another not to update your Exchange server Apparently somebody did not update the Exchange server…
Another New Ransomware Attack – Delete Files and Hide Them
Yes now your files will be hidden (apparently they will be placed in a Winrar format – which is a kind of packed encrypted format). And then the original files…