vulnerability - Tagged - Security Boulevard
Wiring between an SPI flash memory and a bus interface

Methods for Extracting Firmware from OT Devices for Vulnerability Research

This second part of our hardware hacking series focuses on how to dump the memory contents for two different kinds of memory packages, WSON and SOP/SOIC. The post Methods for Extracting Firmware ...
A Toast to the Cybersecurity Incidents of 2021

A Toast to the Cybersecurity Incidents of 2021

Let’s take a Cyber Drink to 2021   Cybersecurity professionals have been put in the spotlight this year. We applaud your hard work and service to protect society as the threats only get ...
Fulfilling Security Requirements for the Transportation Sector

Fulfilling Security Requirements for the Transportation Sector

Protecting our critical infrastructure against the threat of ransomware remains a top priority for both the private sector and the federal government. In fact, a recent survey from Tripwire found that security ...
LOG4J vulnerability the most serious I've seen in my decades-long career: CISA director

The Security and Business Impact of Log4J

You don’t need to be embedded in the tech world to have seen these apocalyptic headlines flooding your screens within the last few weeks. A major vulnerability to cybersecurity across the internet was revealed in the widely used, open-source Java-based data logging ...
Log4j Vulnerability, Apple AirTags Used by Thieves, The FBI's Encrypted Messaging App Document

Log4j Vulnerability, Apple AirTags Used by Thieves, FBI’s Encrypted Messaging App Document

This week we discuss the Apache Log4j vulnerability and the impact it will have on organizations now and into the future, details on how Apple AirTags are being used by thieves to ...

Axio’s statement on the Log4J vulnerability (CVE-2021-44228)

On Dec 9th, 2021, security researchers published a report of a high risk “zero day” vulnerability (CVE-2021-44228) affecting a common software package (Apache Log4J) that can allow remote code execution. Axio360 is ...

The DHS is inviting hackers to break into its systems, but there are rules of engagement

The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better protect itself from malicious attacks. The DHS ...
Log4Shell : JNDI Injection via Attackable Log4J

Log4Shell : JNDI Injection via Attackable Log4J

Log4Shell : JNDI Injection via Attackable Log4JApache log4j2 is one of the most widely utilized logging library in the Java ecosystem. Many applications depend on log4j that include and are not limited to ...
UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

UPDATE 12/17/21: The Logout4Shell Vaccine has been updated to add a persistent option in addition to the existing one which reverted upon server restart. The previous version of the Vaccine used the ...