Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cyberint

CVE-2021-44228: Log4J2 Remote Code Execution

Dec 12, 2021 By Cyberint In Cyberint
On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache log4j 2 was identified, (Dubbed “Log4Shell” by researchers), affecting massive amounts of servers all over the world. As this vulnerability gains high traction worldwide, it’s important to note, that not only internet facing java applications are vulnerable, as user input can traverse to another non-internet facing machines and exploit these as well.
Read Post

Security risks of Cloud Computing | Threats, Issues and Challenges

Dec 12, 2021 By Cyphere In Cyphere
Cloud computing is the latest buzzword in the IT world. It's often touted as a cost-saving, high-performance alternative to traditional on-site data storage solutions. But there are risks involved with cloud computing that you need to be aware of before jumping into this new technology! In this video, I'll discuss some different threats, issues and challenges related to security for companies who are considering moving their data up into the cloud or have already done so.
View Video
Forescout

Forescout's Response to Apache Log4j Vulnerabilities

Dec 12, 2021 By Forescout Research Labs In Forescout

Updated 12/20/21 On December 9, 2021, Apache published a zero-day vulnerability (CVE-2021-44228) for Apache Log4j being referred to as “Log4Shell”. This “critical” vulnerability (CVSS score: 10) allows a remote attacker to take control of an affected system. When exploited, this vulnerability allows an attacker to run arbitrary code on the device, giving full control over to the attacker.

Read Post
tripwire

What Are the Key Challenges for Cybersecurity Professionals Going into 2022?

Dec 12, 2021 By Martina Dove In Tripwire

Tripwire recently conducted a series of surveys and interviews to understand IT professionals who manage security for their company. The cybersecurity landscape is constantly changing, new challenges are rapidly emerging, and new threats have surfaced, especially throughout the pandemic. We were curious to know some of the struggles that security professionals experience as a part of their job.

Read Post
tripwire

A Bank SMS Text Phish Attempt

Dec 12, 2021 By Andrew Swoboda In Tripwire

Phishing attempts over text messages are becoming more prevalent. I received an SMS text message that contained a phishing attempt for a Canadian Bank. The message implied that I have received a new notification with this bank and I should visit the provided link. I usually do not click on any links, but I decided to see what would happen when I navigated to the page.

Read Post
armo

CVE-2021-44228 - Log4Shell - Vulnerability and its impact on Kubernetes

Dec 12, 2021 By Ben Hirschberg In ARMO

On Dec 9th, a critical zero-day vulnerability - CVE-2021-44228 - was announced concerning the Java logging framework - Log4j All current versions of log4j2 up to 2.14.1 are vulnerable. To remediate this vulnerability, please update to version 2.15.0 or later.

Read Post
armo

How to Use Kubernetes Audit Logs to Identify Potential Security Issues

Dec 11, 2021 By Amir Kaushansky In ARMO

Audit logging involves recording transactions and system events, making it an invaluable tool for regulatory compliance, digital forensics, and information security. In a typical Kubernetes ecosystem, auditing involves providing chronological, activity-relevant records documenting events and actions in a cluster. Modern logging tools come with aggregation and analytical functionalities so that teams can use log data to mitigate security threats.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.