-
two RCE vulnerabilities were being discussed on the internet. Most of the people talking about them believe they’re talking about “Spring4Shell” (CVE Added: CVE-2022-22965), but in reality they’re swapping notes about CVE-2022-22963.
-
We analyse the high effectiveness of log4j and the multiple exploitation paths that show why log4j has such a devastating effect on a lot of systems
-
In this retrospective article we go trough the common workaround and how to fix log4j with the resource available
-
In the last few weeks, information security professionals have been fighting and updating systems like crazy.
We have summarized an update on where we are right now and what you can do about resolution
-
In the last few weeks, information security professionals have been fighting and updating systems like crazy.
We have summarized an update on where we are right now and what you can do about resolution
-
A new Remote Code Execution (RCE) has been disclosed in the wild affecting the log4j library for java. Affected Version 2.0 <= Apache log4j <= 2.14.1. Services in cloud-like: Steam, Apple iCloud, and apps like Minecraft have already been found to be vulnerable.