Log4j 2nd Year Anniversary Still a Pain
Recent research reports reveal that even after two years, several organizations are still vulnerable to Log4j. The analysis is done between August 15 and November 38,278, covering unique applications running…
Apache Fineract Vulnerabilities
Apache Fineract is a powerful platform poised to make a significant impact in the world of digital financial services. Apache Fineract is not immune to security vulnerabilities. Recently, three vulnerabilities have…
Ox4Shell – Log4Shell De-obfuscator
A Log4Shell de-obfuscation tool dubbed Ox4Shell, promises simple, rapid payload analysis without the risk of critical side effects has been showcased at Black Hat USA. The tool offers a potent…
Drupal issues Patches addressing flaws
Drupal has released four patches addressing vulnerabilities. One of them has been rated critical and the other three moderately critical. The critical vulnerability, tracked as CVE-2022-25277, affects Drupal 9.3 and…
Apache Common Configuration Bug Patched
Researches discovered a bug alike Log4j tracked as CVE-2022-33980, in the Apache Commons Configuration toolkit. Apache Commons is another Apache project that provides numerous Java utilities that provide a wide range of handy…
Log4j still haunts organizations with VMware Horizon
Organizations with public-facing VMware Horizon and Unified Access Gateway (UAG) servers without appropriate Log4Shell mitigations have been attacked from a range of attackers, including state sponsored advanced persistent threat actors.…
Log4j Attempts to exploit VMware Horizon again
VMware Horizon servers are used to enable secure anywhere, anytime access to enterprise apps for remote workers continue to be a main target for attackers exploiting the Apache Log4j RCE…
Apache Cassandra RCE released
Researchers disclosed details of a now-patched high-severity security vulnerability CVE-2021-44521 in Apache Cassandra an open-source NoSQL database software that could be exploited by remote attackers to achieve code execution on…