Wahnsinn. #opensource #linux #log4j #itsec #exploits
"I am no hero" Unfassbar gut, lieber @br_data ! #br #bayerischerrundfunk
Linkempfehlung ARD Audiothek
Wahnsinn. #opensource #linux #log4j #itsec #exploits
"I am no hero" Unfassbar gut, lieber @br_data ! #br #bayerischerrundfunk
Linkempfehlung ARD Audiothek
You can call yourself a senior programmer when you have at least one in your
life, told yourself: "I should have logged this."
Remember two years ago? During the #log4j craze I received this demanding email requiring quick answers to where my open source projects used log4j:
https://daniel.haxx.se/blog/2022/01/24/logj4-security-inquiry-response-required/
Fehlende Upgrades: Mehr als jede dritte Anwendung mit Log4j ist angreifbar - Golem.de
https://glm.io/180220?n #Log4j
North Korean hackers using Log4J vulnerability in global campaign https://therecord.media/north-korean-hackers-using-log?utm_medium=email&_hsmi=286069862&utm_content=286068530&utm_source=hs_email
“Evaluate user input, JNDI. Or programmers will invent a worse way to do it, again.”
This Week in Security: Oracle Opera, Passkeys, and AirTag RFC - There’s a problem with Opera. No, not that kind of opera. The Oracle kind. Oracle ... - https://hackaday.com/2023/05/05/this-week-in-security-oracle-opera-passkeys-and-airtag-rfc/ #hackadaycolumns #securityhacks #airtag #oracle #log4j #news
#showerthoughts How concerned are folks over #log4J 1.x #vulnerabilities going unpatched in older software? I.E - If it's on your network are you concerned? #patching #java #dependencies