spring
Best of 2022: New Spring4Shell Zero-Day Vulnerability Confirmed: What it Is and How to Prepare
On March 29, 2022, a Chinese cybersecurity research firm leaked an attack that could impact most enterprise Java applications, globally. An investigation of the issue showed that the root cause was a ...
Spring4Shell Marks the end of ‘Snooze Button’ Security
Spring4Shell illustrates why back-to-back attacks are a call to action for organizations to revise and prioritize security best practices ...
Spring4Shell – by the numbers
Over the last few months, following the scramble that was Log4j, I have been asking folks I meet “what if another critical vulnerability was announced tomorrow? What would you do differently?” Well, last ...
Patch your Tomcat and JBoss instances to protect from GhostCat vulnerability (CVE-2020–1938 and…
Patch your Tomcat and JBoss instances to protect from GhostCat vulnerability (CVE-2020–1938 and CNVD-2020–10487)Credits : https://www.chaitin.cn/Identified as “GhostCat” and tracked as CVE-2020–1938 / CNVD-2020–10487, the flaw could let remote attackers (without authentication) ...