Home

  • Log4Shell Could Be Exploited From Your Network

    Log4Shell and LogJam are the names for a Log4j vulnerability. Log4j is a logging library for Java that was patched on 2021-12-06 and extensively exploited from 2021-12-10 (so not a zero-day!) as the news of the vulnerability travelled. The vulnerability, with the CVE designation CVE-2021-44228, is far-reaching as Log4j is a very popular logging libraryContinue…

  • Open Redirect Vulnerability

    This post is about open redirect vulnerabilities; the story of three vulnerable websites, why it’s bad, and how to prevent and detect abuse. First, a primer…

olliejc@infosec.exchange