Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft

Apache Log4j 2.15.0 fix for log4j flaw does not adequately protect against attacks in some situations, experts say. Praetorian, among the first to exploit the Log4J flaw last Friday, says it’s vulnerable to exfiltration of data under certain conditions. Apache Foundation releases new version of Log 4.16.0 to address the issue. Security experts urge organizations to quickly update to the new version to avoid DoS attacks. Microsoft says Iranian threat actor Phosphorous has acquired an exploit for the Log 4j and made modifications to it.”]

Source: https://www.darkreading.com/application-security/original-fix-for-log4j-flaw-fails-to-fully-protect-against-dos-attacks-data-theft

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Selling technology to cops, part 2

Launching AnonLeaks, Ready To Dump More HBGary E-mails!

RSA: Geolocation shows just how dead privacy is

Categories

Partners

Just add here your partners image or promo text