Cybersecurity Starts in the Boardroom
Here is an interesting article from the team at Apache dealing with patching the Log4j problem: The Apache Log4j team talks about the Log4Shell patching process – The Record by Recorded Future But the exploits in the wild are still happening: Threat actor target Ubiquiti network appliances using Log4Shell exploits …
Continue reading “Log4j exploits and behind the scenes with the Apache patching team”
If you are involved in software development or use open source software, this article from the Google Cloud team, makes for interesting reading and can add some clarity to using this type of resource. Cloud CISO Perspectives: December 2021 | Google Cloud Blog
Latest update about Log4j from SANS Internet Diary. Log4j 2 Security Vulnerabilities Update Guide – SANS Internet Storm Centre
Example of how attackers are trying to push crypto miners via Log4Shell – SANS Internet Storm Centre
Chinese regulator pauses partnership with Alibaba – BBC News Alibaba Cloud in trouble with Beijing for Log4J annoucement • The Register I found this video on YouTube that has a good in-depth description of the Log4j problem. It will keep you up speed with all the acronyms, shells, code etc.
