😂😂

The Log4j defect is a FLAW (not a bug) that is now deeply impacting everyone. ARA. IriusRisk "Lack of strict separation between data and control instructions, and as a result processing control instructions received from an untrusted source." bit.ly/ieee-CSD-gem

The patched version of log4j 2.15.0 requires a minimum of Java 8. If you are on Java 7 you will need to upgrade to Java8 When there is active exploitation and you need to patch fast it is beneficial if you have been updating your other dependencies over time.

Nothing says "brace for impact" on a vulnerability like coin miners being deployed. This is bottom feeder activity, consider it like a low water mark.

The entire cybersecurity community reading about Log4Shell.

Looking for a new job? Consider applying to Kellogg's using the name ${jndi:ldap://127.0.0.1:1389/a}

I've prepared a TryHackMe room to demonstrate #log4j #log4shell CVE-2021-44228, explaining the vulnerability, attack vector, and more importantly, detection, mitigations and patching. Working with THM staff to get this in your hands -- it should be available soon.

I am a AppSec Engineer We don't fail, We iterate : )

We just made 24 new @kiva micro-loans for the new year using paybacks from earlier loans. Please join us! KIVA is awesome. bit.ly/cigitalgem-kiva

Do you have these dangerous HTTP methods enabled on your server? link.medium.com/tl1pjkVuImb

I came across this bit my Simon Bennetts ⚡🇺🇦 in my bookmarks so I thought I'd send people after it again because it's a good read. #juiceshop #zaproxy #owasp #mozilla hacks.mozilla.org/2018/03/hands-…

Repeat after me: most individuals do not need a VPN to "protect against eavesdropping from your ISP" or to "maximize your privacy." Using a consumer grade VPN may result in less privacy. ISPs/LE/etc know VPN exit nodes and they're likely under near perpetual surveillance.

The oldest fight club ->

Anyone up for a SecFightClub Twitter Space?

Do you want to join security fight club??

Do you meet weekly? Do you learn from others? Do you jump in the ring with professionals? This is how you level up

Would you join a security fight club Twitter Space?

If I hit 1,000 follower I will take this to the next level, some actions are restricted on Twitter : ) Who is in for Security Fight Club? Some of the best security hands on skills, I will line up some strong killerz : )

Learn who you align with Know who has your back Know your self This is how you know where to plant your feet.