Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called Log4j. The researcher responsibly disclosed his finding to Log4j’s Apache Software Foundation. An additional vulnerability (CVE-2021-45105) was also discovered in a patch released to fix the initial vulnerability. This was then followed with yet another
Apple has released a patch for ‘zero-click vulnerability. What is a ‘zero-click’? It is a flaw which lets hackers access devices through the iMessage service even if users do not click on a link or file. One can imagine the power of this loop-whole. In a statement, Ivan Krstić, head of Apple Security Engineering and
This is a very serious leak as VPN (Virtual Private Network) username and passwords could undoubtedly allow the bad actors to access a network to perform all manner of activities including stealing date (data exfiltration), install hidden malware or perform ransomware attacks to extort money. Although the exploit relates to an already patched loop-whole, you should
The white is pushing companies to adopt defensive measure after an unrepresented rise in ransomware attacks so far this year and in April and May in particular. “The bluntly worded open letter followed a string of escalating ransomware attacks that stopped gasoline and jet fuel from flowing up the East Coast and closed off beef
Microsoft has released an out-of-band security update for a serious and actively used number of exploits on Microsoft Exchange. They named it Hafnium. The following versions of Exchange Server are affected: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 Is this attack connected to the SolarWinds attack?Microsoft has said that it has seen “no
FireEye, a well known cyber security firm has been hacked. The company’s CEO Kevin Mandia has released a statement in a blog post on Tuesday. There is a lot to be known but as the New York Times reported their tools of trade have been taken. These are so called Red Team tools and are used
