|
Stickies No stickies found. |
|
log4j2 fiascoat 13:49 - 15th, December 2021I cannot believe this has gone so far under the radar that I'm only hearing about it now, nearly a week after news was made public. Apparently the latest patch to Apache logging software is exploitable and Apache is considering it a level 10 (maximum) security risk to all apache servers running the patch.
Here's a small list of the servers affected:
That's a hell of a list. It's raised all sorts of doubt on the Open Source movement for some reason and has brought light to the problems of Corporations using but not providing any financial support to open source developers. This is crazy. From the Wiki post A zero-day vulnerability involving remote code execution in Log4j 2, given the descriptor "Log4Shell" (CVE-2021-44228), was found and reported to Apache by Alibaba on November 24, 2021, and published in a tweet on December 9, 2021.[8] Affected services include Cloudflare, iCloud, Minecraft: Java Edition,[38] Steam, Tencent QQ, and Twitter.[39][40][41] The Apache Software Foundation assigned the maximum CVSS severity rating of 10 to Log4Shell, as millions of servers could be potentially vulnerable by the exploit.[41] The vulnerability was characterised by cybersecurity firm Tenable as the "the single biggest, most critical vulnerability of the last decade"[9] and Lunasec's Free Wortley characterized it as "a design failure of catastrophic proportions".[42] And for it to be reported by alibaba of all companies is quite shocking to me. Similar posts
asian guy disguised as old white man to avoid
(media inside) The Olympics
Just got this from my media guy here, very interesting. it's the security side of the olym... What you all been up to?
I've been super busy with work during the day, since dad took off for Europe, which is al... 2002 Copiers save every document you scan, be
(media inside) Fake Cell phone towers popping up across US
Well now, this is interesting.
Seventeen fake cellphone towers were ...
|
Recent Comments
Chiptunes Thread!
Current status: Busy -...
The Joy of Roguelikes ...
No Time to Die
Cowboy Bebop Netflix
Kena: Bridge of Spirit...
Site issues
Trance Fridays #368 - ...
Chance of getting it
The Matrix Resurrectio...
Chainsaw Man trailer
Scooby
Duke Nukem Forever
Clifford Just Called
happy birthday JS!
Porter Robinson - Nurt...
Interesting site stats
Biden pulls plug on CO...
Introducing Seagate Ma...
After 27 years, you ca...
Top News This Month
Trance Fridays #378 ...
Trance Fridays #379 ...
Trance Fridays #380 ...
Microsoft to purchas...On this day
Dogs as Shark Bait -...
How they possibly ma...
And they called it r...
Who's watching the a...
Behind the Disappear...
Gravatar has arrived
Just in case you for...
Trance Fridays #119 ...
Searching for flight...
Recent Tags Microsoft Sony Activision Blizzard buyout crash bandicoot call of duty diablo warcraft world of warcraft hearthstone tony hawk guitar hero starcraft Trance Fridays Lane 8 Arctic Lake trance fridays martin roth hypno seq Trance Fridays Braxton wilderness vocals anjunadeep Trance fridays Andy Duguid Be extended mix motivational uplifting feel good trance fridays franky wah olive youre not alone deep dark progressive
TOP 20
Mini PortMini Bison Burn Me Stream Tear (1280x1024) Cityscape Zelda's Crest Rise Peace Alone Cold Streaming Light Tower - BG Pond Dreams Fade Sunset Blood Sirqles 9th Angel Three Travellers Recent Added Art
Mini PortMini Bison Citadel Mini Hallstatt Mini Zelda's Crest Tower - BG Cold Dreams Fade Streaming Light Stalactites High Ground Pond Moons OctoMod Three Travellers Stream Sunset Strain Outside Sign Road Sign |