Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Apache has released version 2.16.0, which completely removes support for Message Lookups and disables JNDI by default. CrowdStrike has identified a malicious Java class file hosted on infrastructure associated with a nation-state adversary. The Java code is used to download known instances of adversary-specific tooling and is likely to be used in conjunction with the recently disclosed Log4Shell exploit (CVE-2021-44228).

In two recent blog posts from the CrowdStrike Software Development Engineers in Test (SDET) team, we explored how end-to-end validation testing and modular testing design could increase the speed and accuracy of the testing lifecycle. In this latest post, we conclude our SDET series with a deep dive on how our generalized validation testing component improves efficiency, enhances product functionality and streamlines troubleshooting.