Items tagged with log4shell

If you're reading this, you probably don't need to be told that a "bug bounty" is a cash prize paid to security researchers that find a software exploit. Non-USians might need to be told that "DHS" refers to the United States Department of Homeland Security. "Hack DHS" is the bug bounty program run by the agency, and... Read more...
The Log4shell exploit in the widely-used Apache Log4j package has had just about every single sysadmin in the world working nights and weekends to desperately get their internet-facing servers updated. The problem isn't simply patching and updating Log4j itself—that was done before the problem even hit the mainstream... Read more...
Are you tired of hearing about Log4shell yet? Well settle in, because a top-3-worst-security-exploit-ever doesn't vanish overnight. Microsoft updated its article about the flaw (which we mentioned on Wednesday) once again, this time with some notes about protecting "non-Microsoft-hosted Minecraft servers." Indeed... Read more...
Even if you're from the U.S., you may not have heard of CISA. The Cybersecurity and Infrastructure Security Agency is part of the Department of Homeland Security, and it primarily handles technological threats to the nation. Well, CISA is still in the process of an all-hands red alert thanks to the Log4shell security... Read more...