Author: Admin

A critical vulnerability, registered as CVE-2021-44228 (Log4Shell), has been identified in Apache Log4j 2, which is an open source Java package used to enable logging in.[1] The vulnerability was discovered by Chen Zhaojun of Alibaba in late November 2021, reported to Apache, and subsequently released to the public on December 10, 2021.[2] The Apache Software Foundation (ASF) rates CVE-2021-44228 as a 10 on the common vulnerability scoring system (CVSS) scale.[3] Log4Shell is a remote code…

Police have arrested a professor at a Louisiana university after child sexual abuse material was discovered on his office desktop computer.  An investigation was begun in East Baton Rouge on Thursday after officials at Louisiana State University’s (LSU’s) Agricultural Center (AgCenter) were contacted by concerned employees in the center’s IT department.  The IT workers raised the alarm after discovering files with “names that alarmed them” on the hard drive of a work computer used by sixty-one-year-old cotton…

An American non-profit cybersecurity training and IT company is inviting cybersecurity fans everywhere to boost their skills by taking part in a free festive hacking competition.  Competitors participating in the SANS Institute’s 2021 Holiday Hack Challenge must battle cyber-villains including Jack Frost to help Santa Claus save the holiday season.  Over a series of online games ranging in difficulty level from beginner right up to serious expert, players must come to the aid of the white-bearded legend, his elven…

  After more than 10 years working at PCI Security Standards Council (PCI SSC), Ralph Poore, Director, Emerging Standards, retires at the end of the year. In this blog, we interview Ralph about his career in cryptography, security and the payments industry, the most rewarding aspects of his career, and how he plans to stay involved with the PCI SSC as well as his retirement plans.

The personal Twitter account of India’s prime minister, Narendra Modi, has been attacked by cyber-criminals. Hackers compromised the leader’s social media account in the early hours of December 11 to tweet a message to his more than 73 million followers. The brazen hackers posted a tweet falsely claiming that India would be adopting Bitcoin as its official currency. The lies didn’t end there, as the threat actors went on to falsely state that the Indian government had bought 500…

Apache has patched the vulnerability in its Log4j 2 library, but attackers are searching for unprotected servers on which they can remotely execute malicious code. iStock/weerapatkiatdumrong A serious security vulnerability in a popular product from Apache has opened the floodgates for cybercriminals to try to attack susceptible servers. On Thursday, a flaw was revealed in Apache’s Log4j 2, a utility used by millions of people to log requests for Java applications. Named Log4Shell, the vulnerability…