You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no…
Browsing CategoryJava
Update on Apache Log4j Zero-Day Vulnerability
IBM Security is following a recent disclosure regarding an Apache vulnerability in the Log4j Java library dubbed Log4Shell (or LogJam). X-Force Exchange has further details on the exploit. Millions of…
Tor browser fixes bug that allows JavaScript to run when disabled
The Tor browser has a bug that could allow JavaScript to execute on websites even when users think they’ve disabled it for maximum anonymity. This post appeared first on Naked…
Serious Security: The decade-ending “Y2K bug” that wasn’t
We explain why you really need to RTFM. Even if TFM is very long and complicated and you are very experienced. This post appeared first on Naked Security Blog by…
CVE-2018-3211: Java Usage Tracker Local Elevation of Privilege on Windows
We found design flaw/weakness in Java Usage Tracker that can enable hackers to create arbitrary files, inject attacker-specified parameters, and elevate local privileges. In turn, these can be chained and…