How Log4j Vulnerability Could Impact You

If you hadn’t heard of Apache Log4j, chances are it’s on your radar now. In fact, you may have been using it for years. Log4j is a logging library. Imagine writing your daily activities into a notebook. That notebook is Log4j. Developers and programmers use it to take notes about what’s happening on applications and […]

The post How Log4j Vulnerability Could Impact You appeared first on Security Intelligence.

Continue reading How Log4j Vulnerability Could Impact You

The Truth About Zero-day Vulnerabilities in Web Application Security

Zero-Day Vulnerabilities are highly valued in legitimate bug bounty programs and have earned bounties of up to USD 2 million. Since no patches or fixes exist, 0-day attacks/exploits are highly.
The post The Truth About Zero-day Vulnerabilities in Web A… Continue reading The Truth About Zero-day Vulnerabilities in Web Application Security

Rogue “Malware Spreading Security Researchers” Launch Malicious Social Engineering Campaign Against Legitimate Researchers – OSINT Analysis

Security researchers from Google have recently spotted and properly analyzed a currently circulation malicious software spreading social engineering driven malicious campaign that’s actively interacting with legitimate researchers on social media and p… Continue reading Rogue “Malware Spreading Security Researchers” Launch Malicious Social Engineering Campaign Against Legitimate Researchers – OSINT Analysis

Magecart Attack Impacts More Than 10K Online Shoppers

Close to 2,000 e-commerce sites were infected over the weekend with a payment-card skimmer, maybe the result of a zero-day exploit. Continue reading Magecart Attack Impacts More Than 10K Online Shoppers

Microsoft Releases Emergency Security Updates for Windows 10, Server

The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of multimedia files. Continue reading Microsoft Releases Emergency Security Updates for Windows 10, Server

Microsoft Warns of Unpatched IE Browser Zero-Day That’s Under Active Attacks

Internet Explorer is dead, but not the mess it left behind.

Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively e… Continue reading Microsoft Warns of Unpatched IE Browser Zero-Day That’s Under Active Attacks

[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly

An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software, The Hacker News has learned.

One… Continue reading [Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly