Skip to content
Permalink
main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

Notes

Log4j

0day exploit for Log4j Java library could have a tsunami impact on IT giantsSecurity Affairs

Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | Fastly

Apache Log4j2 Security Bulletin (CVE-2021-44228)

The Internet’s biggest players are all affected by critical Log4Shell 0-day | Ars Technica

Analysis: Log4j Vulnerability Highlights the Value of Defense-in-Depth, Accurate Inventory

Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | Fastly

Understanding Log4Shell via Exploitation and Live Patching (CVE-2021-44228 + CVE-2021-45046) | LunaSec

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations | Rapid7 Blog

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

Log4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046) | LunaSec

fullhunt/log4j-scan: A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

The Numbers Behind Log4j CVE-2021-44228 - Check Point Software

Log4Shell: We Are in So Much Trouble – The New Stack

Hackers launch over 840,000 attacks through Log4J flaw | Ars Technica

Patching Log4Shell in One Command Without Downtime Using Ephemeral Containers | by Eden Federman | Dec, 2021 | Medium

Guide: How To Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228 & CVE-2021-45046) | LunaSec

BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-18 0018 UTC

Hotpatch for Apache Log4j | AWS Open Source Blog

Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation | CISA

Other Notes

Open Source in China: Next Four Years

"Open Source" is Broken - Xe

Russian hackers bypass 2FA by annoying victims with repeated push notifications - The Record by Recorded Future

A New Chapter for HashiCorp

How eBPF will solve Service Mesh - Goodbye Sidecars

Hackers jailbreak the PS4, claim kernel exploit also works on PS5

Project Zero: A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution

Microsoft Patches Zero-Day Spreading Emotet Malware

Peloton CEO Apologizes After Holiday Party Frustrates Employees

Karpenter node provisioner for Kubernetes - YouTube

Keeping curl safe | daniel.haxx.se

Chrome Users Beware: Manifest V3 is Deceitful and Threatening | Electronic Frontier Foundation

How to migrate from CentOS 8 to Rocky Linux (conversion) - nixCraft