This was always going to be an issue when we posted about it last week – here is more information. Log4shell: US demands Christmas Eve deadline for hack fix – BBC News CISA issues emergency directive to fix Log4j vulnerability • The Register CISA issues ’emergency directive,’ orders federal agencies …
Beware of contact forms – of course the hackers abuse these as well!
Contact forms are everywhere – no one puts email addresses on website because “people” just harvest those for spam/phishing campaigns – we have a contact form on this site. Here is a description on the SANS Internet Storm Diary explaining how these scam attacks are carried. It is not very …
Continue reading “Beware of contact forms – of course the hackers abuse these as well!”
Why “just anti-virus” is not the whole solution
Obfuscated backdoor attack: Simple but Undetected PowerShell Backdoor – SANS This is a more complex read but if you are in the business it is a real help to see how these old school attacks still work.
100 attacks a minute – Log4j
Flaw prompts 100 hack attacks a minute, security company says – BBC News Log4j – Smart Thinking Solutions
More about Log4j
This was always going to be an issue when we posted about it last week – here is more information. Log4j 2.15.0 and previously suggested mitigations may not be enough – SANS