Here is an interesting follow-up story on SANS Internet Storm Diary looking at the impact of the log4j issues and some of the exploits used. The Rise and Fall of log4shell – SANS Internet Storm Centre
“Patch Now” advised – more on the Linux vulnerabilities
TechRepublic has another article on Linux vulnerabilities that need to be addressed: Patch now: A newly discovered critical Linux vulnerability probably affects your systems | TechRepublic Linux servers – so you think this is not your problem? – Smart Thinking Solutions Twelve-Year-Old Linux Vulnerability Discovered and Patched – Schneier on …
Continue reading ““Patch Now” advised – more on the Linux vulnerabilities”
Only if you have an iLo
Not sure what an iLo is? Then this story is probably not for you – but if you have an HP server that someone looks after for you, then pass this on to them. Over 20 thousand servers have their iLO interfaces exposed to the internet, many with outdated and …
Linux servers – so you think this is not your problem?
Much of the internet infrastructure is composed of Linux machines – and it looks like malware cyber attacks of these and other Linux devices is up throughout 2021, with no indication that they will decrease in 2022. Linux-Targeted Malware Increases by 35% in 2021 | CrowdStrike Linux malware sees 35% …
Continue reading “Linux servers – so you think this is not your problem?”
Why “just anti-virus” is not the whole solution
Obfuscated backdoor attack: Simple but Undetected PowerShell Backdoor – SANS This is a more complex read but if you are in the business it is a real help to see how these old school attacks still work.