"It's Log4Shell, Jim, but not as we know it." How to find and fix a JNDI-based vuln in the H2 Database Engine.
Read moreRemember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!
Read moreLog4Shell vulnerability Number Four: “Much ado about something”
December 29 2021It's a Log4j bug, and you ought to patch it. But we don't think it's a critical crisis like the last one.
Read moreThe Apache web server just got an update - this one is nothing to do with Log4j!
Read moreSerious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble
December 17 2021Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!
Read moreGet 'em while they're hot!
Read moreFind out how to deal with the Log2Shell vulnerability right across your estate. Yes, you need to patch, but that helps everyone else along with you!
Read more“Log4Shell” Java vulnerability – how to safeguard your servers
December 10 2021Just when you thought it was safe to relax for the weekend... a critical bug showed up in Apache's Log4j product
Read moreListen now or read as an article! (Full transcript inside.)
Read moreFirefox update brings a whole new sort of security sandbox
December 7 2021Firefox 95.0 is out, with the usual security fixes... plus some funky new ones.
Read more
Recent Comments