Just when we thought we were through the significant bits of Log4j issues, a new problem appeared this past weekend. The good news is that with a lot of smart people looking at the issues, it means that researchers are doing their best to find any faults, and the Apache team is doing a great […]
Last Friday, we published a blog on the latest significant vulnerability, CVE-2021-44228, which involves a flaw in the Log4j program that causes arbitrary code execution. In case you missed it, the fun part here is that attackers could introduce malicious code in many different ways. As Rob put it on our recent podcast, the coder’s […]
There’s nothing in the cyber threat intelligence world like having a severe remote code execution (RCE) zero-day drop on a Friday afternoon. In light of this news, here’s a quick rundown of what we know about this: On 10 December 2021, reports began emerging of a new zero-day vulnerability found in the popular Log4j Java […]