Chinese regulator pauses partnership with Alibaba – BBC News Alibaba Cloud in trouble with Beijing for Log4J annoucement • The Register I found this video on YouTube that has a good in-depth description of the Log4j problem. It will keep you up speed with all the acronyms, shells, code etc.
Belgian defence ministry systems exploited via Log4j flaw
Belgian defence ministry admits attackers accessed its computer network by exploiting Log4j vulnerability • The Register As if you needed reminding that if the Log4j vulnerability impacts you, you need to take action.
Just like buses – Log4j flaws come in threes
Bad things come in threes: Apache reveals another Log4J bug • The Register A third bug has been found in the Log4j system. There has been three new versions of the software since the crisis started.
Log4j – Java Packages
As predicted the impact of this vulnerability is far reaching. Check if it impacts you. Google: More than 35,000 Java packages impacted by Log4j vulnerabilities – The Record by Recorded Future
Log4j advice for board members from the National Cyber Security Centre (NCSC)
Log4j critical vulnerability advice for boards – NCSC.GOV.UK
More about Log4j
This was always going to be an issue when we posted about it last week – here is more information. Log4shell: US demands Christmas Eve deadline for hack fix – BBC News CISA issues emergency directive to fix Log4j vulnerability • The Register CISA issues ’emergency directive,’ orders federal agencies …
Beware of contact forms – of course the hackers abuse these as well!
Contact forms are everywhere – no one puts email addresses on website because “people” just harvest those for spam/phishing campaigns – we have a contact form on this site. Here is a description on the SANS Internet Storm Diary explaining how these scam attacks are carried. It is not very …
Continue reading “Beware of contact forms – of course the hackers abuse these as well!”
