logo
  • About
  • Contact
  • Instant Response
  • Hall of fame
  • COVID-19

Categories

  • Alerts and warnings
  • BU Safe
  • Hit by ransomware?
  • Incident handling
  • News

Noticed a problem?

Report an Incident
–or–

Recent Posts

  • From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
  • 9 attack surface discovery and management tools
  • Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs
  • Windows 11 bug warns Local Security Authority protection is off
  • Ferrari: Discloses data breach after receiving ransom note

Video

https://www.youtube.com/watch?v=wMsHDH67eb4

RSS NVD Data Feed

  • CVE-2023-27250 (online_book_store_project) 16 March 2023
  • CVE-2022-41554 (slideshow_se) 16 March 2023
  • CVE-2023-24571 (embedded_box_pc_3000_firmware) 16 March 2023
  • CVE-2022-38063 (social_login_wp) 16 March 2023
  • CVE-2022-40699 (yasr_-_yet_another_stars_rating) 16 March 2023

RSS CERT-EU News Feed

Information

  • Privacy & Cookies Policy

The Log4j debacle showed again that public disclosure of 0-days only helps attackers

Posted on 7 January 2022

From helpnetsecurity.com

On December 9, 2021, a (now deleted) tweet linking to a 0-day proof of concept (PoC) exploit (also now deleted) for the Log4Shell vulnerability on GitHub set the internet on fire and sent companies scrambling to mitigate, patch and then patch again as additional PoCs appeared.

Read more…

Posted in News

Post navigation

Previous post: WordPress 5.8.3 Security Release
Next post: T-Mobile users suffer SIM swapping attacks
BU CERT
Authorized to use CERT(TM) - CERT is a mark owned by Carnegie
Mellon University

Other CERTs

  • National Cyber Security Centre
  • US-CERT
  • FORTHcert
Proudly powered by WordPress | Theme: bu-cert by Nan Jiang.