Protective DNS a Scalable, Continuous Method for Detecting Log4J Attacks
The Log4J vulnerability is easy to exploit and hard to detect instantaneously—unless you’re monitoring your DNS traffic. Earlier this month, a critical remote code execution vulnerability was announced in the open-source Java-based ...
AppSec and Software Community Respond to Log4j
The application security and the open source software communities rose to the challenge of the Java Log4j vulnerability, patching software, sharing information and providing mitigations and tools. We aren’t out of the ...
Log4Shell is the worst security issue of the decade: what you should do
Last week, we discussed the Log4Shell and other Log4j-related vulnerabilities, implications, and recommended mitigation actions. I see that the Log4Shell vulnerability, which has transformed into multiple vulnerabilities, is going to stay with ...
Instant Log4j protection. Shield and hunt with Traceable AI
A look at the challenges teams face with mitigating Log4j vulnerabilities (i.e. Log4Shell) and how Traceable AI closes those gaps. The post Instant Log4j protection. Shield and hunt with Traceable AI appeared ...
Instant Log4j protection. Shield and hunt with Traceable AI
A look at the challenges teams face with mitigating Log4j vulnerabilities (i.e. Log4Shell) and how Traceable AI closes those gaps. The post Instant Log4j protection. Shield and hunt with Traceable AI appeared ...
Why are Targeted Email Attacks so Difficult to Stop?
When it comes to email security threats, one of the most common (and most underestimated) forms of attack is email phishing. Particularly for companies, phishing attacks can be critical when it comes ...
Best of 2021 – Take a Moment to Hug Your Friends & Family: RIP Dan Kaminsky
As we close out 2021, we at Security Boulevard wanted to highlight the most popular articles of the year. Following is the next in our series of the Best of 2021. The ...
Best of 2021 – State of Underground Card Shops in 2021
(life after Joker’s Stash) Table of Contents Introduction Active credit card shops FERum Shop Brian’s Club Thefreshstuffs Missing Credit Card Shops ValidCC VaultMarket Rescator Conclusions Introduction On February 15, 2021, ...
APWG’s eCrime 2021 Symposium Shows Cybercrime Evolving
Cybercrime is here, it is dynamic and it is not going anywhere. The Anti-Phishing Working Group (APWG) hosted its 16th annual Electronic Crime Research symposium, APWG eCrime 2021 in early December. The ...
Log4J/Log4Shells Exploit Analysis (CVE-2021-44228)
As a follow up to our other blog post related to CVE-2021-44228, the Remote Code Execution (RCE) vulnerability affecting Apache Log4j, we wanted to go into analysis of a log4shells attack. Who ...
