The vulnerability was announced earlier this week by researchers with JFrog, who released a report on the problem.
Source: Read More (Latest topics for ZDNet in Security)
You might be interested in …
[SecurityWeek] Log4Shell Tools and Resources for Defenders – Continuously Updated
The widely used Apache Log4j Java-based logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including to deliver various types of malware. read more Source: Read More (SecurityWeek RSS Feed)
[SecurityWeek] CISA Unaware of Any Significant Log4j Breaches in U.S.
CISA Concerned About Risk Posed by Log4Shell to Critical Infrastructure The U.S. Cybersecurity and Infrastructure Security Agency (CISA) says it’s currently unaware of any significant breaches related to the recently disclosed Log4j vulnerabilities. read more Source: Read More (SecurityWeek RSS Feed)
[ThreatPost] Defeating Ransomware-as-a-Service? Think Intel-Sharing
Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs, explains the rise of RaaS and the critical role of threat intel in effectively defending against it. Source: Read More (Threatpost)