Subscribe to NetSec NewsSign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
3 min read
Cyrus Robinson: Dec 15, 2021 12:00:00 AM
Apache Log4j2 <=2.14.1 JNDI features used in the configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can...
Read More
5 min read
Cyrus Robinson: Dec 9, 2021 12:00:00 AM
Chapter 6 In the previous chapter, all seemed well with Huckleberry “Huck” Phinn and the St. Petersburg Wildlife Foundation. Huck and the gang at St....
3 min read
Cyrus Robinson: Dec 3, 2021 12:00:00 AM
In September 2021, multiple security research teams observed and reported email reply-chain attacks that distributed new SquirrelWaffle Loader and...
1 min read
Cyrus Robinson: Oct 22, 2021 12:00:00 AM
These vulnerabilities are currently being exploited in the wild. As of October 21st, there are nearly 48,000 web-exposed servers with these...
1 min read
Cyrus Robinson: Jul 13, 2021 12:00:00 AM
Microsoft recently informed SolarWinds about a Remote Memory Escape vulnerability that can result in Remote Code Execution in the SolarWinds Serv-U...
2 min read
Cyrus Robinson: Jul 7, 2021 12:00:00 AM
Microsoft has completed the investigation and has released security updates to address this vulnerability. It is recommended that these updates be...
2 min read
Cyrus Robinson: Jul 1, 2021 12:00:00 AM
CVE-2021-1675 (aka PrintNightmare) is a vulnerability in the built-in Windows “Print Spooler” service. Microsoft released a patch for CVE-2021-1675...
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
