Iran-backed hackers breached a US federal agency that failed to patch year-old bug

The U.S. government’s cybersecurity agency says hackers backed by the Iranian government compromised a federal agency that failed to patch against Log4Shell, a vulnerability fixed almost a year ago. In an alert published Thursday, the Cybersecurity and Infrastructure Security Agency said that a federal civilian executive branch organization (FCEB) was breached by Iranian government hackers […]

Former Palantir engineers raise $20M to simplify web3 tooling

Protestware on the rise: Why developers are sabotaging their own code

Ax Sharma is a security researcher and reporter. His areas of interest include open source software security, malware analysis, data breaches and scam investigations. If combating attacks and hijackings of legitimate software on open source registries like npm weren’t challenging enough, app makers are increasingly experiencing the consequences of […]

Study: 30% of Log4Shell instances remain unpatched

Considering recent APT41 attacks, organizations that continue to leave the Log4Shell flaw unaddressed are hitting the snooze button when it comes to the wake-up calls from attackers.