Following the recent publicity of Linux vulnerabilities, here is an announcement from The Linux Foundation, of $10m of donations to their Open Source Security Foundation (OpenSSF). Among the donors are Microsoft and Google. Linux Foundation announces $10 million cross-industry investment in Open Source Security Foundation (scmagazine.com)
Log4j exploits and behind the scenes with the Apache patching team
Here is an interesting article from the team at Apache dealing with patching the Log4j problem: The Apache Log4j team talks about the Log4Shell patching process – The Record by Recorded Future But the exploits in the wild are still happening: Threat actor target Ubiquiti network appliances using Log4Shell exploits …
Continue reading “Log4j exploits and behind the scenes with the Apache patching team”
“Patch Now” advised – more on the Linux vulnerabilities
TechRepublic has another article on Linux vulnerabilities that need to be addressed: Patch now: A newly discovered critical Linux vulnerability probably affects your systems | TechRepublic Linux servers – so you think this is not your problem? – Smart Thinking Solutions Twelve-Year-Old Linux Vulnerability Discovered and Patched – Schneier on …
Continue reading ““Patch Now” advised – more on the Linux vulnerabilities”
Making a business from bug bounty – controversial?
Zerodium has announced it will buy bugs from researchers in popular email clients – for white-hat purposes although their actions are controversial. Zerodium looks to buy zero-days in Outlook and Thunderbird email clients – The Record by Recorded Future
Get your Apple device updated now!
Updates and patches from software and hardware vendors are a key step in your cyber-security strategy – make sure you keep up to date. Today Apple is releasing a variety of updates across all of it’s devices and operating systems to address various security and privacy issues. Check your device …
