February 2022

Why Log4j Keeps Getting Exploited Log4j Still Being Targeted It is a couple of months now since the Log4j vulnerability become public knowledge. Yet cybercriminals are still using it to rampage through enterprise after enterprise. Known as CVE-2021-44228, Log4j exploits...

Google Chrome Zero-Day Is Being Weaponized Google has released 98.0.4758.102 today to the Stable Channel to resolve serious issues impacting Windows, Linux and Mac OS.  So far this year this is the first Google Zero Day version of the Chrome...

Linux Vulnerabilities of the Week: February 14, 2022 1. Integer overflow in function XML_GetBuffer in Expat (<2.4.4) affecting Red Hat Enterprise Linux 7 and 8 Severity: Critical         CVSS Score: 9.8 Expat (libexpat) is susceptible to a software flaw that causes...

Linux Vulnerabilities of the Week: February 8, 2022 1. SQL injection in Log4j 1.x when the application is configured to use JDBCAppender Severity: Critical         CVSS Score: 9.8 This is a flaw in the Java logging library Apache Log4j in version...

February Patch Tuesday 2022 Fixes 51 Vulnerabilities Microsoft Releases 51 fixes this month including 1 Public Aware threat here are 50 Important fixes in this release and 1 Moderate.  Microsoft Windows and Windows Components, Azure Data Explorer, Kestrel Web Server, Microsoft...