Many Java-based applications and servers vulnerable to new Log4Shell exploit

Many Java-based applications and servers vulnerable to new Log4Shell exploit

Why it matters: Earlier this week, developers of the open-source security platform LunaSec discovered a zero-day vulnerability affecting a widely used Java-based logging library. The vulnerability, identified in a blog post as Log4Shell (CVE-2021-44228), can give third parties the ability to execute malicious code on vulnerable systems. The vulnerability’s discovery…

New Windows print spooler zero day exploitable via remote print servers

New Windows print spooler zero day exploitable via remote print servers

Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker’s control and the ‘Queue-Specific Files’ feature. Last month, a security researcher accidentally revealed a zero-day Windows print spooler vulnerability known as PrintNightmare that Microsoft tracks as…

منوی اصلی