- Log4j
- Security warning New zero-day in the Log4j Java library is already being exploited [Danny Palmer, ZDNet]
- CVE-2021-44228 [Mitre.org]
- Log4Shell RCE 0-day exploit found in log4j 2, a popular Java logging package [Free Wortley et al, Lunasec]
- Open Source Foundations Must Work Together to Prevent the Next Log4Shell Scramble [Brian Behlendorf, Openssf]
- Ransomware
- Shutterfly services disrupted by Conti ransomware attack [Lawrence Abrams, BleepingComputer]
- Iranian hackers behind Cox Media Group ransomware attack [Catalin Cimpanu, TheRecord]
- Second ransomware family exploiting Log4j spotted in U.S., Europe [Kyle Alspach, VentureBeat]
- Other
- FlexBooker discloses data breach, over 3.7 million accounts impacted [Ionut Ilascu, BleepingComputer]
- Microsoft Exchange year 2022 bug in FIP-FS breaks email delivery [Lawrence Abrams, BleepingComputer]
- Japanese university loses 77TB of research data following a buggy software update [Humza Aamir, Techspot]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F