Blog Spotlight

todayDecember 17, 2021

Cyber security + Software Supply Chain Cybersecurity Shawn McManus

Log4shell – the newest vulnerability

Introduction On Thursday, December 9th, the vulnerability CVE-2021-44228 known as “Log4shell” was made public, sending large companies such as Twitter, Amazon, Google, Cloudflare, and many others in a rush to patch it before any damage could be done. Not only are large companies affected, but many applications and servers utilizing [...]

Top Voted Blog Posts
Sorry, there is nothing for the moment.

Blog

6 Results / Page 1 of 1

Background

Cyber security Shawn McManus / December 17, 2021

Log4shell – the newest vulnerability

Introduction On Thursday, December 9th, the vulnerability CVE-2021-44228 known as “Log4shell” was made public, sending large companies such as Twitter, Amazon, Google, Cloudflare, and many others in a rush to patch it before any damage could be done. Not only are large companies affected, but many applications and servers utilizing the popular Java library, Log4j, ...

Read more trending_flat

Cyber security Daniel West / June 17, 2021

UNC2465 Software supply chain attack

Quick intel drop. FireEye has reported that the DarkSide affiliate, UNC2465, has infiltrated the website of “CCTVSecurityPros” and injected into one of their software downloads. Below are the details. FireEye Article: https://www.fireeye.com/blog/threat-research/2021/06/darkside-affiliate-supply-chain-software-compromise.html Joe’s Sandbox Report: https://www.joesandbox.com/analysis/432180/0/html  Malware for those of you who want to perform your own analysis: https://github.com/obscuritylabs/UNC2465/tree/main/21JUN2021_supplychainattack

Read more trending_flat