Log4j Update ! ICS Product Owners Reflection
Log4j storm started in December mid and taken pace during the year end. Most of the product owners and application owners are swinging to patch it . With regard to…
US FTC Warns on Log4j ! Remediate it or face Legal Actions
The U.S. Federal Trade Commission (FTC) informed companies that they could face legal action if their customers are impacted by an attack that involves exploitation of the recent Log4j vulnerabilities.…
Log4j BlindSpots
Apache Java logging library log4j‘s popularity and its ability to hide in code,landmines hiding in infrastructure due to log4j’s Log4Shell security vulnerabilities. The good news is there are scanning tools that…
Posted inSecurity
Aquatic Panda Exploits With Log4j
Cyberespionage group Aquatic Panda linked with china was spotted exploiting the Log4Shell vulnerability (CVE 2021-44228) in an attack aimed at a large academic institution. The APT group is using a…
Microsoft Log4j Discovery
Microsoft has announced updates for cloud based defender to fight the Log4j vulnerability. Log4j has mostly been patched but can still affect some servers that could use help from Microsoft…
Log4j Update ! Even 2.17 is Exploitable
Another security vulnerability impacting the Log4j logging library was published as CVE-2021-44832. This new security vulnerability is affecting versions up to 2.17.0, which was previously thought to be fixed. This vulnerability is…
NVIDIA Affected by Log4j
NVIDIA and Hewlett Packard Enterprise (HPE) have confirmed that some of their products are affected by the recently disclosed vulnerabilities in the Apache Log4j logging utility. A total of three…
Bug Bounty Programs Flooded With Log4j Findings
Big hunters have already submitted thousands of vulnerability reports related to the Apache Log4j bug that continues to send shockwaves through the global software ecosystem. The critical, CVSS 10-rated flaw…