Category: Malware

Log4j Vulnerabilities

Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called Log4j. The researcher responsibly disclosed his finding to Log4j’s Apache Software Foundation. An additional vulnerability (CVE-2021-45105) was also discovered in a patch released to fix the initial vulnerability. This was then followed with  yet another

White House Warns Companies to Act Now on Ransomware Defenses

The white is pushing companies to adopt defensive measure after an unrepresented rise in ransomware attacks so far this year and in April and May in particular. “The bluntly worded open letter followed a string of escalating ransomware attacks that stopped gasoline and jet fuel from flowing up the East Coast and closed off beef

Hafnium

Microsoft has released an out-of-band security update for a serious and actively used number of exploits on Microsoft Exchange. They named it Hafnium. The following versions of Exchange Server are affected: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 Is this attack connected to the SolarWinds attack?Microsoft has said that it has seen “no

WannaCry, a wake up call  

A massive ransomware attack is under way and has hit major orgonisations. So far I am aware of the UK being hit particularly bad. It is a ransomware with the ability to propergate with the vixtim’s help and this means once a machines is infected the attack does not stop there, it moves laterally by

Are Two Anti-Viruses better than one?

I am sure this has been written a lot about and arguments are plentiful but it boils down to these points. Running two anti-malware products on the same machine does more harm than good. It can result in unexpected behaviour including but not limited to the two being stuck in an ever loop of resource