Cybersecurity Starts in the Boardroom
Apache has issued another patch for a vulnerability in Struts 2 framework for Java applications as the one issued in 2020 did not quite work. Apache says 2-year-old Struts bug wasn’t fully fixed • The Register S2-062 – Apache Struts 2 Wiki – Apache Software Foundation
As you can see from the image above this was a worldwide effort, including the National Crime Agency and Europol, to close the doors on RaidForums, a resource that cyber criminals used to buy and sell stolen information. Unusually this site was on the internet – you and I could …
Patch Tuesday has come around again – and time for you check that ALL your updates and patches are up to date – not just your Microsoft ones. I know they are supposed to happen automatically but check anyway! Microsoft April 2022 Patch Tuesday – Sans Internet Storm Centre Microsoft’s …
Continue reading “Are your patches and updates being done everywhere?”
There are reports of the commercial spyware, Pegasus, being targeted at European Commission officials last year, by as yet unidentified hackers. European officials reportedly targeted by NSO spyware • The Register Pegasus is commercially available from the Israeli company NSO Group, to “approved” organisations.
Hackers have been actively working to exploit the Spring4Shell vulnerability – now it has been detected in the wild deploying the Mirai botnet. Spring4Shell under active exploit by Mirai botnet herders • The Register CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware (trendmicro.com) …
Continue reading “Spring4Shell in the wild executing the Mirai botnet”
