Monero Miners Injected in Log4j Through RMI

These past few days have been about the most important vulnerability discovered lately. The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…

A New Microsoft Windows Installer Zero-day Is Exploited

Abdelhamid Naceri, a security researcher, made the zero-day in question public. He identified the flaw through an examination of the CVE-2021-41379 fix. It appears that the problem was not properly…