
In The News This Week
1 Bitcoin equals $46,864.50 United States Dollar
https://www.coindesk.com/price/bitcoin
Gold Price Per Ounce $1,796.20
https://www.apmex.com/gold-price
Oil Price Per Barrel $71.33
https://markets.businessinsider.com/commodities/oil-price?type=wti
1 Dogecoin equals $0.1574 USD
https://coinmarketcap.com/currencies/dogecoin/
This Week In Vulnerabilities:
Vulnerability Summary for the Week of December 6, 2021
https://www.cisa.gov/uscert/ncas/bulletins/sb21-347
Log4Shell: RCE 0-day exploit found in log4j 2, a popular Java logging package
https://www.lunasec.io/docs/blog/log4j-zero-day/
LunaSec Guide to Log4J
https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide/
Facing cybersecurity threats, Quebec shuts down government websites for evaluation
https://www.cbc.ca/news/canada/montreal/quebec-cybersecurity-threat-government-website-1.6283133
BHIS - Talkin' Bout [infosec] News 2021-12-13 | The Floor is Java
https://www.youtube.com/watch?v=igoDXnkYDy8
Diagrams for the #Log4j #Log4Shell that can help people discuss things. Hope this helps
https://twitter.com/mubix/status/1470430085169745920
https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
Current running list of affected software and which companies have made a post about it
The two questions the C-level is going to ask:
How many machines have this installed?
How many are compromised and talking with the outside world?
Get your Zeek logs and search for Java, and it will answer both of those questions
SheHacksPurple: Log4J explained for Software Developers and AppSec Folks
https://www.youtube.com/watch?v=-LcgOCcP7Hs
How Log4J Works and Detecting It In Your Environment (DEMO AND TOOLS)
https://www.youtube.com/watch?v=GvS-V27kFps
https://hub.crowdsec.net/author/crowdsecurity/configurations/apache_log4j2_cve-2021-44228
This Week In Privacy Or Lack Thereof:
Swiss tech company boss accused of selling mobile network access for spying
Ukraine Arrests 51 For Selling Data of 300 Million People In US, EU
This Week In Security:
Microsoft says it took over servers being used by China-based hacking group Nickel
https://www.theverge.com/2021/12/7/22822255/microsoft-hackers-china-nickel-apt15
iOS 15.2 and macOS 12.1 add several previously delayed features
Miscellaneous Stories:
Hackers Are Spamming Businesses’ Receipt Printers With ‘Antiwork’ Manifestos
Toyota owners have to pay $8/mo to keep using their key fob for remote start