This was always going to be an issue when we posted about it last week – here is more information. Log4j 2.15.0 and previously suggested mitigations may not be enough – SANS
Bruce Schneier on Log4j
This was always going to be an issue when we posted about it last week – here is more information. On the Log4j Vulnerability – Schneier on Security More Log4j News – Schneier on Security Log4j – Smart Thinking Solutions
Minecraft vulnerable to a Zero-Day vulnerability and others are sure to follow – Log4j
A vulnerability has been discovered in a component of Minecraft, Log4j, an open-source logging tool that’s used in many online applications. Zeroday in ubiquitous Log4j tool poses a grave threat to the Internet | Ars Technica
Developers beware! Attacks on the code supply chain
The security team at the open source repository, NPM, have removed 17 malware infected Java Script libraries from their servers. This is important as many code developers depend on the trust of NPM to develop application that we all use, and if they use infected code, then that will be …
Continue reading “Developers beware! Attacks on the code supply chain”
There is some justice for those who run ransomware attacks
Matthew Philbert, a Canadian, has been arrested and charged with running a ransomware attack that damaged systems belonging to The State of Alaska. Canadian charged with running ransomware attack on Alaska • The Register Canadian police arrest Ottawa resident for ransomware attacks – The Record by Recorded Future Canadian man …
Continue reading “There is some justice for those who run ransomware attacks”
