%term

Log4Shell Is the Most Dangerous Exploit Since Shellshock

Dec 10, 2021 By SecurityScorecard In SecurityScorecard

Earlier today, a serious flaw was discovered in the widely used Java logging library Apache Log4j. The vulnerability, ‘Log4Shell,’ was first identified by users of a popular Minecraft forum and was apparently disclosed to the Apache Foundation by Alibaba Cloud security researchers on Nov. 24, 2021. The vulnerability has the potential to allow unauthenticated remote code execution (RCE) on nearly any machine using Log4j.

Read Post

SecurityScorecard

Read more about Log4Shell Is the Most Dangerous Exploit Since Shellshock

CVE-2021-44228 - Log4j zero day vulnerability, detection and Log4shell fix

Dec 10, 2021 By Harman Singh In Cyphere

Log4j zero-day vulnerability is flooding the security updates/news everywhere. This issue has been named Log4shell and assigned CVE-2021-44228 (still awaiting analysis at the time of writing).

Read Post

Cyphere

Read more about CVE-2021-44228 - Log4j zero day vulnerability, detection and Log4shell fix

SECURITY NOTICE: Log4j.2.x NEWS

Dec 10, 2021 By Veracode In Veracode

Is the Log4j Zero-Day RCE (CVE-2021-44228) vulnerability affecting you? Check out this quick chat with Chris Wysopal and Giuseppe Trovato to learn more about this new #vulnerability and what it could mean for you.

View Video

Veracode

Read more about SECURITY NOTICE: Log4j.2.x NEWS

URGENT: Analysis and Remediation Guidance to the Log4j Zero-Day RCE (CVE-2021-44228) Vulnerability

Dec 10, 2021 By The Veracode Research Team In Veracode

A previously unknown zero-day vulnerability in Log4j 2.x has been reported on December 9, 2021. If your organization deploys or uses Java applications or hardware running Log4j 2.x your organization is likely affected.

Read Post

Veracode

Read more about URGENT: Analysis and Remediation Guidance to the Log4j Zero-Day RCE (CVE-2021-44228) Vulnerability

Log Jammin'- Detecting Log4j 2 RCE Using Splunk

Dec 10, 2021 By Ryan Kovar In Splunk

Authors and Contributors: As always, security at Splunk is a family business. Credit to authors and collaborators: Ryan Kovar, Shannon Davis, Marcus LaFerrera, John Stoner, James Brodsky, Dave Herrald, Audra Streetman, Johan Bjerke, Drew Church, Mick Baccio, Lily Lee, Tamara Chacon, Ryan Becwar. If you want just to see how to find detections for the Log4j 2 RCE, skip down to the “detections” sections.

Read Post

Splunk

Read more about Log Jammin'- Detecting Log4j 2 RCE Using Splunk

Splunk TV - TV Companion

Dec 9, 2021 By Splunk In Splunk

Introducing Splunk TV Companion, an iPad App that allows you to remotely control the content of multiple TVs. Save a dashboard layout on multiple TVs as a shortcut to quickly switch content when responding to alerts, or or split a single dashboard across a grid of TVs. Whether you have several TVs in a single location or are remotely managing a group of TVs across the globe, use Splunk TV to coordinate your workforce around important events from a central location and rapidly bring dashboards to the attention of those who need it.

View Video

Splunk

Read more about Splunk TV - TV Companion

Splunk TV - TV Power User Demo

Dec 9, 2021 By Splunk In Splunk

See a demo of how Splunk TV supports power user features such as set/unset/depends and rejects tokens, the submit button, non global form-inputs and multi instance registration. Splunk TV enables you to optimize the dashboard display experience and securely display all your content without the need for any interactivity.

View Video

Splunk

Read more about Splunk TV - TV Power User Demo

Slack: Turning Data into Doing

Dec 9, 2021 By Splunk In Splunk

Combining data and collaboration is essential to thriving in the Data Age. Slack’s Director of Product Security Larkin Ryder chats with Splunk security maven Jane Wong about why Slack and Splunk are a match made in heaven. Plus, she reveals her predictions for the future of work and what our current climate means for the state of security.

View Video

Splunk

Read more about Slack: Turning Data into Doing

Splunk Live Chat with The Hill: Cybersecurity Trends in the Public Sector

Dec 8, 2021 By Splunk In Splunk

Join the LIVE cybersecurity discussion featuring: Topic: How cybersecurity in the public sector space has shifted over the course of the last year due to the introduction of cybersecurity legislation and federal agencies’ focus on Zero Trust as well as key federal certifications like FedRAMP and IL5.

View Video

Splunk

Read more about Splunk Live Chat with The Hill: Cybersecurity Trends in the Public Sector

Listen To Those Pipes: Part 2

Dec 8, 2021 By Shannon Davis In Splunk

This blog post is part thirty of the "Hunting with Splunk: The Basics" series. Shannon Davis provided the first half of this blog on pipe hunting in part twenty-nine, and will now run through the second half! – Ryan Kovar

Read Post

Splunk

Read more about Listen To Those Pipes: Part 2

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Log4Shell Is the Most Dangerous Exploit Since Shellshock

CVE-2021-44228 - Log4j zero day vulnerability, detection and Log4shell fix

SECURITY NOTICE: Log4j.2.x NEWS

URGENT: Analysis and Remediation Guidance to the Log4j Zero-Day RCE (CVE-2021-44228) Vulnerability

Log Jammin'- Detecting Log4j 2 RCE Using Splunk

Splunk TV - TV Companion

Splunk TV - TV Power User Demo

Slack: Turning Data into Doing

Splunk Live Chat with The Hill: Cybersecurity Trends in the Public Sector

Listen To Those Pipes: Part 2

Monthly Archive

Follow Us