If you see this report and think it is talking about #Capita, it isn't - the incident MSTIC are talking about here happened in February.
Also, patch #Log4shell. https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/
IoCs vs. EoCs: What’s the difference and why should you care? - Security analysts and threat hunters know the importance of IOCs – indicators of compromi... https://feeds.feedblitz.com/~/723798758/0/thesecurityledger~IoCs-vs-EoCs-Whats-the-difference-and-why-should-you-care/ #indicatorsofcompromise #criticalinfrastructure #enablerofcompromise #threatintelligence #vulnerabilities #expertinsight #cybersecurity #netwitness #topstories #databreach #log4shell #spotlight #dataloss #trends
Log4Shell, a critical vulnerability discovered in December 2021 and officially tracked as CVE-2021-44228, has had a long-lasting impact, prompting enterprises to adopt software composition analysis and secure supply chain management practices. Despite receiving patches and widespread attention, it remains a common cause for security breaches a year later. https://www.csoonline.com/article/3684108/log4shell-remains-a-big-threat-and-a-common-cause-for-security-breaches.html#tk.rss_all #Log4Shell #CVE2021-44228 #SoftwareCompositionAnalysis #SecureSupplyChainManagement
Today the presentations by the @unibern students of the #DigitaleNachhaltigkeit lecture continue: on the agenda are fair notebooks (?), #Log4Shell, the social credit system in China, open source forks and many other topics. Live here from 9:15 or later as a recording: https://bbb.ch-open.ch/b/mat-dxn-qli-sxv - Overview of all presentations:
https://www.digitale-nachhaltigkeit.unibe.ch/studium/digitale_nachhaltigkeit/praesentationen/
🎄Exactly one year ago today we reported on #log4shell in the Advent calendar… But how has the situation developed since then? https://www.innoq.com/de/podcast/023-security-adventskalender-2022/
Three out of four organizations are still vulnerable to Log4Shell #CyberSecurity #Log4Shell
https://betanews.com/2022/11/30/three-out-of-four-organizations-are-still-vulnerable-to-log4shell/
In case you're still on #AzureDevOpsServer 2020 or older (Team Foundation Server), and want your Search feature to be truly secure, start planning your upgrade to Azure DevOps Server 2022 now and bring the embedded Elastic Search to 7.17.5.
https://jessehouwing.net/azure-devops-solution-for-log4shell-in-search/
#azuredevopsserver #log4j #log4shell #devops #azure #tfs
@ Csirt_it
‼ #Log4Shell: exploitation of the known vulnerabilities in products that implement the #log4j library continues, through the use of the #javascript scripting engine #Nash
HackRead: An Iranian APT group accessed the domain controller of a US Federal agency by exploiting the #Log4Shell vulnerability, CISA has revealed.
Details: https://www.hackread.com/log4shell-iran-hackers-domain-controller-network/
#log4shell #security #vulnerability #log4j #iran #cybersecurity
Dangerous hole in Apache Commons Text – like Log4Shell all over again - Third time unlucky. Time to put your patching boots on again... https://nakedsecurity.sophos.com/2022/10/18/dangerous-hole-in-apache-commons-text-like-log4shell-all-over-again/ #stringinterpolation #apachecommonstext #cve-2022-42889 #vulnerability #log4shell #apache #log4j
"Log4j vulnerabilities remain 'endemic', says US DHS"
https://www.itnews.com.au/news/log4j-vulnerabilities-remain-endemic-says-us-dhs-582768
8 months on, US says Log4Shell will be around for “a decade or longer” - When it comes to cybersecurity, ask not what everyone else can do for you... https://nakedsecurity.sophos.com/2022/07/18/8-months-on-us-says-log4shell-will-be-around-for-a-decade-or-longer/ #vulnerability #security.txt #log4shell #malware #log4j #csrb #dhs
The "hotpatch" released by #Amazon Web Services (AWS) in response to the #Log4Shell vulnerabilities could be used for container escape and privilege escalation, allowing an attacker to take control of the underlying host.
Read details: https://thehackernews.com/2022/04/amazons-hotpatch-for-log4j-flaw-found.html
#hacking #infosec #log4shell #amazon
You think you escaped the #Log4j flaw ---> WRONG… I talked about it this week in my presentation #Log4shell #devsecops #CyberSecurity #cybersécurité
S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript] - We're back for 2022 - listen now! https://nakedsecurity.sophos.com/2022/01/06/s3-ep64-log4shell-again-scammers-keeping-busy-and-apple-home-bug-podcast-transcript/ #nakedsecuritypodcast #instagram #log4shell #podcast #apache #apple #log4j
RT @newsoft
In Rennes, there is now a street dedicated to the #Log4Shell flaw 😉 #trolldi
FTC threatens “legal action” over unpatched Log4j and other vulns - Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's ... https://nakedsecurity.sophos.com/2022/01/05/ftc-threatens-legal-action-over-unpatched-log4j-and-other-vulns/ #vulnerability #law&order #log4shell #dataloss #patching #privacy #equifax #log4j #ftc
Alibaba got a slap for not informing the Chinese government first about #log4shell... #security
https://www.scmp.com/tech/big-tech/article/3160670/apache-log4j-bug-chinas-industry-ministry-pulls-support-alibaba-cloud