• December 24, 2021

    Recent Attacks, Threats, and Breaches There are so many breaches and attacks these days, that it is hard to keep up. Here are a few of the recent highlights: 1. Panasonic Breach Panasonic is the latest high-profile victim of cybercriminals....

  • December 20, 2021

    Linux Vulnerabilities of the Week: December 20, 2021 1. Apache Log4j logging library vulnerability Severity: Critical         CVSS Score: 10.0 This is a flaw in Apache that allows an attacker who can control log messages or log message parameters to execute...

  • December 15, 2021

    December Patch Tuesday 2021 Fixes 67 Vulnerabilities December Patch Tuesday Arrives with 67 Fixes There are 7 Critical (one more than last month) and 60 Important fixes in this release.  Updates were included for Microsoft Windows and Windows Components, ASP.NET Core...

  • December 14, 2021

    Log4j Weaponized Threat Extremely Dangerous Vulnerability Discovered This weekend a vulnerability in Log4j which is a very popular Java-based logging tool has been Weaponized.  All versions of Log4j prior to 2.14.1 are vulnerable, this does not just impact the stand...

  • December 6, 2021

    Linux Vulnerabilities of the Week: December 6, 2021 1. CSRF token bypass in Mailman (<2.1.38) Severity: Important    CVSS Score: 8.8 A Cross-Site Request Forgery (CSRF) attack can be performed in GNU Mailman due to a CSRF token bypass. CSRF tokens...

  • December 1, 2021

    Linux Vulnerabilities of the Week: November 30, 2021 1. A heap buffer overflow in Redis (>2.6) Severity: Important    CVSS Score: 8.8 Redis is an open-source, in-memory database that persists on disk. In affected versions Specially crafted Lua scripts executing in...