The developers of Log4j have patched another remote code execution vulnerability affecting the widely used logging utility. CVE-2021-44228, also known as Log4Shell, was identified in late November and it has been exploited in many attacks since early December. Since the discovery of this bug, security researchers have been increasingly interested in Log4j, which, unsurprisingly, has led to the discovery of several new vulnerabilities.
Many LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations. The email notifications also mention that the login attempts have been blocked because they were made from unfamiliar locations worldwide. "Someone just used your master password to try to log in to your account from a device or location we didn't recognize," the login alerts warn.
Security researchers at Check Point are publicly documenting the Equation Group APT's DoubleFeature, a component of the DanderSpritz post-exploitation framework. In a report published this week, the researchers provide a detailed analysis of DoubleFeature, the DanderSpritz component that was designed to generate "a log and report about the types of tools that could be deployed on the target."
More than 80% of Java packages affected by the vulnerability in the Apache Log4j library cannot be updated directly, and will require coordination between different project teams to address the flaw. Shortly after the first vulnerability in the Apache Log4j library (CVE-2021-44228) was disclosed, Google's Open Source Insights Team surveyed all the Java packages in the Maven Central Repository.
In the second quarter of 2021, American workers began resigning from their jobs at a historic rate. The "Great Resignation", as it's since been dubbed, has seen the U.S. set monthly records for the number of workers leaving their jobs three times this year. In September alone, 4.4 million workers resigned from their jobs. The same trend is being seen in the U.K., where resignations are at their highest level in 20 years.
The RedLine information-stealing malware targets popular web browsers such as Chrome, Edge, and Opera, demonstrating why storing your passwords in browsers is a bad idea. This malware is a commodity information-stealer that can be purchased for roughly $200 on cyber-crime forums and be deployed without requiring much knowledge or effort. However, a new report by AhnLab ASEC warns that the convenience of using the auto-login feature on web browsers is becoming a substantial security problem.
Hackers behind a cryptomining campaign have managed to avoid detection since 2019. The attacks exploited misconfigured Docker APIs that allowed them to gain network entry and ultimately set up a backdoor on compromised hosts to mine cryptocurrency, researchers said. The attack technique is script-based and dubbed "Autom", because it exploits the file "autom.sh". Attackers have consistently abused the API misconfiguration during the campaign's active period; however, the evasion tactics have varied.