Security News

Log4Shell: The Movie… a short, safe visual tour for work and home
2021-12-20 19:20

Be happy that your sysadmins are taking one (three, actually!) for the team right now... here's why!

Week in review: Log4Shell updates, Kronos ransomware attack, unused identities threat
2021-12-19 09:00

The Log4j JNDI attack and how to prevent itThe disclosure of the critical Log4Shell vulnerability and the release of first one and than additional PoC exploits has been an unwelcome surprise for the entire information security community, but most of all those who are tasked with keeping enterprise systems and network secure. Ransomware hits HR solutions provider Kronos, locking customers out of vital servicesThe end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group, one of the biggest HR and workforce management solutions providers in the US. Microsoft patches spoofing vulnerability exploited by EmotetMicrosoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability actively exploited to deliver Emotet/Trickbot/Bazaloader malware family.

Brand-New Log4Shell Attack Vector Threatens Local Hosts
2021-12-17 17:43

Defenders will once again be busy beavers this weekend: There's an alternative attack vector for the ubiquitous Log4j vulnerability, which relies on a basic Javascript WebSocket connection to trigger remote code-execution on servers locally, via drive-by compromise. "This newly discovered attack vector means that anyone with a vulnerable Log4j version can be exploited through the path of a listening server on their machine, or local network through browsing to a website, and triggering the vulnerability," researchers said in a Friday note to Threatpost.

S3 Ep63: Log4Shell (what else?) and Apple kernel bugs [Podcast+Transcript]
2021-12-16 17:41

Latest episode - listen now! (Yes, there are plenty of critical things to go along with Log4Shell.)

SAP Kicks Log4Shell Vulnerability Out of 20 Apps
2021-12-15 19:31

SAP has identified 32 apps that are affected by CVE-2021-44228 - the critical vulnerability in the Apache Log4j Java-based logging library that's been under active attack since last week. Thomas Fritsch, an SAP security researcher at enterprise security firm Onapsis, said in his SAP Patch Tuesday writeup that the number of HotNews Notes may seem high, but one of them - #3089831, tagged with a CVSS score of 9.9 - was initially released on SAP's September 2021 Patch Tuesday.

Apache’s Fix for Log4Shell Can Lead to DoS Attacks
2021-12-15 14:04

Last Thursday security researchers began warning that a vulnerability tracked as CVE-2021-44228 in Apache Log4j was under active attack and had the potential, according to many reports, to break the internet. To its credit, Apache hastily released a patch to fix Log4Shell with Log4j version 2.15.0 last Friday.

Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations
2021-12-15 11:32

Due to the extraordinary widespread use of the open-source Apache Log4j library, the saga of the Log4Shell vulnerability is nowhere near finished. The recent discovery of a second Log4j vulnerability has shown that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations.

New ransomware now being deployed in Log4Shell attacks
2021-12-14 22:02

The first public case of the Log4j Log4Shell vulnerability used to download and install ransomware has been discovered by researchers.Yesterday, BitDefender reported that they found the first ransomware family being installed directly via Log4Shell exploits.

Apple security updates are out – and not a Log4Shell mention in sight
2021-12-14 19:55

Amongst all the brouhaha about Log4Shell, it's easy to forget all the other updates that surround us. It's also time to check your Apple devices, because Apple just pushed out a slew of its they-arrive-when-they're-ready-and-don't-expect-any-warning security patches.

What the Log4Shell Bug Means for SMBs: Experts Weigh In
2021-12-14 17:54

From there, an attacker can carry out any number of further attacks. What Bad Log4Shell Outcomes Are Possible for SMBs? Ofer Maor, Mitiga CTO: One of the concerns is that a lot of these attacks now will focus on getting initial access only and establishing persistence.