Log4J Vulnerability – Reaches Endemic
The Log4Shell vulnerability in open-source library Log4j has reached endemic proportions and the aftershock could reverberate for a decade or longer. The report by the Cyber Safety Review Board (CSRB)…
Avoslocker’s new affair with Log4j Flaw
Researchers have disclosed details on a ransomware attack that targeted the well-known Log4j flaw to deploy AvosLocker. This lengthy campaign has impacted an unnamed company, targeted instances of the VMware…
Recently patched VMware Bug exploited in wild
Security researchers at Barracuda discovered series of attempts were made to exploit the recent vulnerabilities CVE-2022-22954 and CVE-2022-22960, both reported last month. PoC exploitation that available in GitHub recently announced VMware bugs is being…
CISA: Top Exploited Vulnerabilities 2021
CISA has published the list of 2021’s top 15 most exploited software vulnerabilities. This joint Cybersecurity Advisory (CSA) was co-authored by cybersecurity agencies of the United States, Australia, Canada, New…
AWS Log4j Update ! Made Resources Vulnerable
AWS has updated its Log4j security patches after it was discovered the original fixes made customer deployments vulnerable to container escape and privilege escalation. The vulnerabilities introduced by Amazon's Log4j…
Log4j Attempts to exploit VMware Horizon again
VMware Horizon servers are used to enable secure anywhere, anytime access to enterprise apps for remote workers continue to be a main target for attackers exploiting the Apache Log4j RCE…
Log4j ! Still Open source Apps are vulnerable
Researchers from Qualys has reported that roughly three months after its discovery late last year, some 30% of Log4j instances remain vulnerable. It has scanned more than 150 million IT…
Log4J vulnerability exploited by Bots
A backdoor found targeting Linux systems with the goal of corralling the machines into a botnet and acting as a conduit for downloading and installing rootkits dubbed B1txor20 based on…