Appsec Phoenix

Blog

  • 17th May 2022
    Security Vulnerability of the Week 16/05/22

    Vulnerability analysis weekly – Every week we analyse and highlight the vulnerabilities that are hot. This week features Apple O/S Zero Day, Cisco, and Netgear update, Zyxel Firewall, Sonicwall Patch, Nvidia add by CISA, the Russian attack on Italy during Eurovision, Eternity project

  • 9th May 2022
    Security Vulnerability of the Week 09/05/22

    Vulnerability analysis weekly – Every week we analyse and highlight the vulnerabilities that are hot. This week Jetbrain, Oracle Mysql, Zoom, Github. vulnerabilities found in #AWS and #Azure: now with #extraReplica (discovered by Wiz) and #RDS log_fdw (discovered by Lightspin)

  • 28th April 2022
    Security Vulnerability of the Week 02/05/22 (updated)

    Vulnerability analysis weekly – Every week we analyse and highlight the vulnerabilities that are hot. This week Jetbrain, Oracle Mysql, Zoom, Github. vulnerabilities found in #AWS and #Azure: now with #extraReplica (discovered by Wiz) and #RDS log_fdw (discovered by Lightspin)

  • 25th April 2022
    Security Vulnerability of the Week 25/04/22

    Vulnerability analysis weekly – Every week we analyse and highlight the vulnerabilities that are hot. This week java, atlassian jira, and Cisco

  • 1st April 2022
    The Spring4Shell confusion

    two RCE vulnerabilities were being discussed on the internet. Most of the people talking about them believe they’re talking about “Spring4Shell” (CVE Added: CVE-2022-22965), but in reality they’re swapping notes about CVE-2022-22963.

  • 26th January 2022
    Log4J / Log4Shell (Part 2): Why so easy to exploit

    We analyse the high effectiveness of log4j and the multiple exploitation paths that show why log4j has such a devastating effect on a lot of systems

  • 24th January 2022
    The Ultimate Guide to Log4Shell: Where Did It Come From and How Do I Stop It?

    In this retrospective article we go trough the common workaround and how to fix log4j with the resource available

  • 3rd January 2022
    Log4Shell – 2.17.x Vulnerable Again? Demystifying CVE-2021-44228

    In the last few weeks, information security professionals have been fighting and updating systems like crazy.

    We have summarized an update on where we are right now and what you can do about resolution

  • 29th December 2021
    The Impact of Log4Shell Vulnerability

    An overview of the impact for the log4j/log4shell vulnerability and the recent ransomware attacks/cryptominers exploiting the vulnerability

  • 23rd December 2021
    Log4J / Log4Shell (Part 1): Misconceptions

    Demystifying the myth around log4j / Log4Shell.we give an overview on Log4J what has caused it and some demystification

  • 21st December 2021
    Log4Shell – Updates and latest remediation/workflows

    In the last few weeks, information security professionals have been fighting and updating systems like crazy.

    We have summarized an update on where we are right now and what you can do about resolution

x Logo: Shield Security
This Site Is Protected By
Shield Security