Log4j
-
Google Launches Largest Distributed Database of Open Source Vulnerabilities
Dec 13, 2022Ravie LakshmananOpen Source / Vulnerability Database Google on Tuesday announced the open source availability of OSV-Scanner, a scanner…
Read More » -
Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver
Dec 09, 2022Ravie Lakshmanan The subgroup of an Iranian nation-state group known as Nemesis Kitten has been attributed as behind…
Read More » -
Iranian Hackers Compromised a U.S. Federal Agency’s Network Using Log4Shell Exploit
Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability…
Read More » -
Last Years Open Source – Tomorrow’s Vulnerabilities
Linus Torvalds, the creator of Linux and Git, has his own law in software development, and it goes like this:…
Read More » -
Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group
Microsoft’s threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting…
Read More » -
Google Launches New Open Source Bug Bounty to Tackle Supply Chain Attacks
Google on Monday introduced a new bug bounty program for its open source projects, offering payouts anywhere from $100 to…
Read More » -
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the…
Read More » -
The Age of Collaborative Security: What Tens of Thousands of Machines Witness
Disclaimer: This article is meant to give insight into cyber threats as seen by the community of users of CrowdSec.…
Read More » -
Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning
For years, the two most popular methods for internal scanning: agent-based and network-based were considered to be about equal in…
Read More »