Security News

Week in review: Apache Log4j 0day exploited, Kali Linux 2021.4 released, Patch Tuesday forecast
2021-12-12 09:00

Critical RCE 0day in Apache Log4j library exploited in the wild. A critical zero-day vulnerability in Apache Log4j, a widely used Java logging library, is being leveraged by attackers in the wild. Kali Linux 2021.4 released: Wider Samba compatibility, The Social-Engineer Toolkit, new tools, and more! Offensive Security released Kali Linux 2021.4, which comes with a number of improvements: wider Samba compatibility, switching package manager mirrors, enhanced Apple M1 support, Kaboxer theming, updates to Xfce, GNOME and KDE, Raspberry Pi Zero 2 W + USBArmory MkII ARM images, as well as new tools.

Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack
2021-12-10 17:58

An excruciating, easily exploited flaw in the ubiquitous Java logging library Apache Log4j could allow unauthenticated remote code execution and complete server takeover - and it's being exploited in the wild. New #0-day vulnerability tracked under "Log4Shell" and CVE-2021-44228 discovered in Apache Log4j. We are observing attacks in our honeypot infrastructure coming from the TOR network.

Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)
2021-12-10 17:32

A critical zero-day vulnerability in Apache Log4j, a widely used Java logging library, is being leveraged by attackers in the wild - for now primarily to deliver coin miners. Reported to the Apache Software Foundation by Chen Zhaojun of Alibaba Cloud Security Team, the bug has now apparently been fixed in Log4j v2.15.0, just as a PoC has popped up on GitHub and there are reports that attackers are already attempting to compromise vulnerable applications/servers.

Apache Kafka Cloud Clusters Expose Sensitive Data for Large Companies
2021-12-06 16:14

Kafdrop is a management interface for Apache Kafka, which is an open-source, cloud-native platform for collecting, analyzing, storing and managing data streams. It connects and maps existing Kafka clusters automatically, Spectral researchers explained, allowing users to manage topic creation and removal, as well as "Understand the topology and layout of a cluster, drilling into hosts, topics, partitions, and consumers. It also allows you to sample and download live data from all topics and partitions, acting as a legitimate Kafka consumer."

S3 Ep54: Another 0-day, double Apache patch, and Fight The Phish [Podcast]
2021-10-14 18:33

Apache patches an embarrassing bug and then has to patch the patch. Oh! No! The computer that punched a user in the face.

Apache OpenOffice users should upgrade to newest security release!
2021-10-12 11:01

The Apache Software Foundation has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed RCE vulnerability that could be triggered via a specially crafted document. Apache OpenOffice is an open-source office productivity suite that includes a word processor, a spreadsheet tool, a presentation editor, a vector graphics drawing editor, a mathematical formula editor, and a database management program.

New Patch Released for Actively Exploited 0-Day Apache Path Traversal to RCE Attacks
2021-10-10 19:57

The Apache Software Foundation on Thursday released additional security updates for its HTTP Server product to remediate what it says is an "Incomplete fix" for an actively exploited path traversal and remote code execution flaw that it patched earlier this week. The new vulnerability, tracked as CVE-2021-42013, builds upon CVE-2021-41773, a flaw that impacted Apache web servers running version 2.4.49 and involved a path normalization bug that could enable an adversary to access and view arbitrary files stored on a vulnerable server.

Apache patch proves patchy – now you need to patch the patch
2021-10-08 18:21

If the first patch arrives too quickly, then it may not have been reviewed or tested quite as much as you might like. So it's not so much that the next patch in the queue catches up because the first one is too slow, but that the next one has to be completed in a rush to keep up.

Apache emergency update fixes incomplete patch for exploited bug
2021-10-07 20:35

Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. On Tuesday, Apache released Apache HTTP 2.4.50 to fix an actively exploited path traversal vulnerability in version 2.4.49.

Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services
2021-10-07 10:29

Cybersecurity researchers on Monday discovered misconfigurations across older versions of Apache Airflow instances belonging to a number of high-profile companies across various sectors, resulting in the exposure of sensitive credentials for popular platforms and services such as Amazon Web Services, Binance, Google Cloud Platform, PayPal, Slack, and Stripe. "These unsecured instances expose sensitive information of companies across the media, finance, manufacturing, information technology, biotech, e-commerce, health, energy, cybersecurity, and transportation industries," Intezer said in a report shared with The Hacker News.