December 2021

Recent Attacks, Threats, and Breaches There are so many breaches and attacks these days, that it is hard to keep up. Here are a few of the recent highlights: 1. Panasonic Breach Panasonic is the latest high-profile victim of cybercriminals....

Linux Vulnerabilities of the Week: December 20, 2021 1. Apache Log4j logging library vulnerability Severity: Critical         CVSS Score: 10.0 This is a flaw in Apache that allows an attacker who can control log messages or log message parameters to execute...

December Patch Tuesday 2021 Fixes 67 Vulnerabilities December Patch Tuesday Arrives with 67 Fixes There are 7 Critical (one more than last month) and 60 Important fixes in this release.  Updates were included for Microsoft Windows and Windows Components, ASP.NET Core...

Log4j Weaponized Threat Extremely Dangerous Vulnerability Discovered This weekend a vulnerability in Log4j which is a very popular Java-based logging tool has been Weaponized.  All versions of Log4j prior to 2.14.1 are vulnerable, this does not just impact the stand...

Linux Vulnerabilities of the Week: December 6, 2021 1. CSRF token bypass in Mailman (<2.1.38) Severity: Important    CVSS Score: 8.8 A Cross-Site Request Forgery (CSRF) attack can be performed in GNU Mailman due to a CSRF token bypass. CSRF tokens...

Linux Vulnerabilities of the Week: November 30, 2021 1. A heap buffer overflow in Redis (>2.6) Severity: Important    CVSS Score: 8.8 Redis is an open-source, in-memory database that persists on disk. In affected versions Specially crafted Lua scripts executing in...