How do threat actors get hold of your login credentials? They just ask you to send them over!

The US Government has issued a warning over the growth of text messages that are designed to manipulate you into giving away your secret information. US govt warns Americans of escalating SMS phishing attacks (bleepingcomputer.com) If it is happening in the US, why not extend the attacks to other English …

CISA Log4Shell examination

The US Government Cybersecurity and Infrastructure Security Agency has published a report examining the malware that infected an organisation with unpatched Log4Shell vulnerability in a VMware Horizon server. CISA Releases Log4Shell-Related MAR | CISA

As predicted Log4j is going to be a problem for a long time

The Cyber Safety Review Board is operated by The Department of Homeland Security and in it’s inaugural report the Log4j vulnerability, spread and exploitation is discussed: CSRB Report on Log4j – Public Report – July 11 2022_508 Compliant (cisa.gov) It makes interesting reading. I wonder just how many developers do …