Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well-known open-source logging library called Log4j. The researcher responsibly disclosed his finding to the Apache Software Foundation, which maintains Log4j. An additional vulnerability (CVE-2021-45105) was also discovered in a patch released to fix the initial vulnerability. This was then followed with yet another
Apple has released a patch for a ‘zero-click’ vulnerability. What is a ‘zero-click’? It is a flaw which lets hackers access devices through the iMessage service even if users do not click on a link or file. One can imagine the power of this loophole. In a statement, Ivan Krstić, head of Apple Security Engineering and
The White House is pushing companies to adopt defensive measures after an unprecedented rise in ransomware attacks so far this year, and in April and May in particular. “The bluntly worded open letter followed a string of escalating ransomware attacks that stopped gasoline and jet fuel from flowing up the East Coast and closed off beef
Microsoft has released an out-of-band security update for a number of serious and actively used exploits against Microsoft Exchange. They named it Hafnium. The following versions of Exchange Server are affected: Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019. Is this attack connected to the SolarWinds attack? Microsoft has said that it has seen “no
Late last year Travelex, the currency exchange company, suffered a major disruption in its operations after a ransomware attack. I wrote about this story at the time. It now appears a settlement has been reached with the bad actors. A report by The Wall Street Journal suggests that Travelex paid the ransom, to the tune
An application used by enterprises is being utilized to deliver malware. Not just any malware though; yes, you guessed it, ransomware! It is likely the same ransomware reported by Cisco Talos in April 2019. It is called REvil, also known as “Sodinokibi.” Sodinokibi attempts to encrypt data in a user’s directory and delete shadow copy backups to
Ransomware attacks are often seen as just a nuisance when you have a good backup. However, it is a disaster for many businesses when you have no fallback. Remember, ransomware is a monster with two heads. One, it denies you access to your data. Two, what is often not talked about is the fact that an intruder
A massive ransomware attack is under way and has hit major organisations. So far I am aware of the UK being hit particularly badly. It is a ransomware with the ability to propagate with the victim’s help and this means once a machine is infected the attack does not stop there, it moves laterally by
I am sure a lot has been written about this and arguments are plentiful, but it boils down to these points. Running two anti-malware products on the same machine does more harm than good. It can result in unexpected behaviour including but not limited to the two being stuck in an endless loop of resource