Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation
Several days have passed since the dramatic reveal of CVE-2021-44228 (aka Log4Shell), an easily exploitable (without authentication) RCE flaw in Apache Log4j, a popular …
Ultimate guide to the CCSP: Build the most needed skill in cybersecurity
Cloud security is the top needed skill in the field. Prove you’re at the forefront with Certified Cloud Security Professional (CCSP) certification. Considered the industry’s …
How C-suite executives perceive their organizations’ readiness for ransomware attacks
A new (ISC)² study provides insights for cybersecurity professionals into the minds of C-suite executives and how they perceive their organisations’ readiness for ransomware …
Unused identities: A growing security threat
In early May 2021, Colonial Pipeline, the operator of the pipeline that pumps 45% of the East Coast’s fuel, announced that they had been hacked. In his testimony before the …
EV certificate usage declining: Is the internet becoming more secure?
Driven by the acceleration of digital transformation and cloud migration during the pandemic, the analysis of the world’s top 1 million sites over the last 18 months shows …
Hacker-powered pentests gaining momentum
Hackers have reported over 66,000 valid vulnerabilities this year – over 20% more than 2020 – with hacker-powered pentests seeing a 264% increase in reported …
How worried should organizations be about their phishing click rate?
Overall end user click rates remained high in the face of this year’s phishing simulation, a Terranova Security report reveals. It also details the rise in the number of …
Why is trust in legacy vendors on shaky ground?
A Vanson Bourne survey report highlights ransomware payout demands and extortion fees are massively increasing, while trust in legacy IT vendors has dipped and organizations …
Database security market to reach $16,273.8 million by 2028
The database security market size to reach $16,273.8 million by 2028 from $6,396.5 million in 2021 to grow at a CAGR of 14.3% from 2021 to 2028; while North America dominated …
Week in review: Apache Log4j 0day exploited, Kali Linux 2021.4 released, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles and interviews: Critical RCE 0day in Apache Log4j library exploited in the wild …
Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)
A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild – for now, …
Vulnerabilities in Eltima SDK affect popular cloud desktop and USB sharing services
SentinelOne researchers have unearthed a number of privilege escalation vulnerabilities in Eltima SDK, a library used by many cloud desktop and USB sharing services like …
Featured news
Resources
Don't miss
- CERT-UA warns against “security audit” requests via AnyDesk
- Decentralization is happening everywhere, so why are crypto wallets “walled gardens”?
- AI-driven insights transform security preparedness and recovery
- NDR’s role in a modern cybersecurity stack
- How Russian hackers went after NGOs’ WhatsApp accounts