OverviewFollowing the discovery of Log4Shell, a vulnerability in Log4J2, Elastic released a blog post describing how users of our platform can leverage Elastic Security to help defend their networks. We also released an advisory detailing how Elastic products and users are impacted.In this blog, we expand on these initial posts and highlight how the combination of security and … [Read more...] about Investigate Log4Shell exploits with Elastic Security and Observability
exploits
Defending Against Log4j Exploits with Cisco Secure Endpoint
The Apache Log4j vulnerability (CVE-2021-44228) is on the mind of nearly every cybersecurity and IT team right now because of its widespread usage, ease of exploitation, and broad attack surface. This blog provides an overview of how Cisco Secure Endpoint helps protect your environment from attackers exploiting this vulnerability. What You Need to Know About Log4j On Thursday, … [Read more...] about Defending Against Log4j Exploits with Cisco Secure Endpoint
1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp
A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices.Dubbed Poison Carp by University of Toronto's Citizen Lab, the hacking group behind this campaign sent tailored malicious web links to its targets over … [Read more...] about 1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp
New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched
Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month.Intego team last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to execute … [Read more...] about New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched
Hacker Disclosed 3 Unpatched Microsoft Zero-Day Exploits In Less Than 24 Hours
Less than 24 hours after publicly disclosing an unpatched zero-day vulnerability in Windows 10, the anonymous hacker going by online alias "SandboxEscaper" has now dropped new exploits for two more unpatched Microsoft zero-day vulnerabilities.The two new zero-day vulnerabilities affect Microsoft's Windows Error Reporting service and Internet Explorer 11.Just yesterday, while … [Read more...] about Hacker Disclosed 3 Unpatched Microsoft Zero-Day Exploits In Less Than 24 Hours
Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig
Snowballing attacks using a recently patched critical bug show no sign of abating. Source link … [Read more...] about Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig
Exploits for Social Warfare WordPress Plugin Reach Critical Mass
More and more attacks taking advantage of a XSS and RCE bug in the popular plugin have cropped up in the wild. Source link … [Read more...] about Exploits for Social Warfare WordPress Plugin Reach Critical Mass