Another vulnerability found in Log4j, this time it is a denial of service
Log4Shell, recently discovered in the popular logging library Log4j, which is part of the Apache Logging Project, continues to get worse, as another vulnerability has been found. This time it…
Apache Log4j Vulnerability explained by Google
On December 17th, 2021 in their blog Google Open Source Insights Team explained the whole situation they observed concerning Apache Log4j Vulnerability. They described the widespread vulnerability and current progress…
Log4j vulnerability threatens 35,000 Java packages
Google scanned Maven Central, the largest Java repository to date, and found that the Log4j vulnerability threatened 35,863 Java packages. The packages are vulnerable to either the original Log4Shell exploit…
The FBI believes that the HelloKitty cryptor is controlled by operators from Ukraine
A medical organization from Oregon, which recently reported a breach and data leak, accidentally made it clear that, according to the FBI, HelloKitty (FiveHands) malware is controlled by operators from…
Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware
The latest of this year, December's patch Tuesday brought fixes for six 0-day vulnerabilities in Microsoft products, including a bug in the Windows AppX Installer that uses Emotet malware to…
Experts are already fixing attacks on the Log4Shell vulnerability
Security researchers are already scanning the network looking for products affected by a dangerous bug in the Log4j library and are fixing the results of cybercriminals’ attacks on a Log4Shell…
Major corporations teamed up to fight AI bias
American corporations have teamed up to form the Data & Trust Alliance, which has developed a software assessment system to fight AI bias. When hiring employees, HR departments are increasingly…
0-day In Log4j Library Poses A Threat To Many Applications & Servers
The Apache Software Foundation has released an emergency security update that fixes a 0-day vulnerability (CVE-2021-44228) in the popular Log4j logging library, which is part of the Apache Logging Project.…
Emotet now installs Cobalt Strike beacons
The researchers warn that Emotet now directly installs Cobalt Strike beacons on infected systems, providing immediate access to the network for attackers. Those can use it for lateral movement, which…
Google Stops Glupteba Botnet and Sues Two Russians
Google representatives said that they stopped the work of the Glupteba botnet: they deleted the accounts, and also disabled the servers and domains associated with it. In addition, the company…
Vulnerability in Apple iCloud puts billion users at risk
Security of over a billion iPhone owners and users of popular instant messengers is at risk due to a vulnerability in Apple iCloud. As the Forbes reports, private messages sent…
US Cyber Command confirms cyberattacks against ransomware
The United States Cyber Command has publicly recognized the use of offensive actions (cyberattacks) in order to neutralize cybercriminal groups that attacked American companies using ransomware programs. The Head of…