If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she described…
Tag: critical vulnerability
CISA to brief critical infrastructure companies about urgent new Log4j vulnerability
Written by Tonya Riley Dec 13, 2021 | CYBERSCOOP The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency will host a call with critical infrastructure stakeholders Monday afternoon about…
Log4j Critical Vulnerability (CVE-2021-44228): Practical Tips to Protect Your Organisation
What’s going on? Log4j is commonly used in Java applications of all shapes and sizes. Versions up to 2.15.0 have a critical vulnerability which is being actively exploited. Attackers are…
6M Sky Routers Left Exposed to Attack for Nearly 1.5 Years
Pen Test Partners didn’t disclose the vulnerability after 90 days because it knew ISPs were struggling with a pandemic-increased network load as work from home became the new norm. Sky,…
Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access
The distributed computing vendor patched the flaw, affecting Citrix ADC and Gateway, along with another flaw impacting availability for SD-WAN appliances. A critical security bug in the Citrix Application Delivery…
BillQuick Billing App Rigged to Inflict Ransomware
A SQL injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors remotely execute code and deploy ransomware. Threat actors are picking…
BQE Web Suite Billing App Rigged to Inflict Ransomware
An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware. Threat actors have been…