Akamai Recommendations for Log4j Mitigation
Blog Blog https://www.akamai.com/blog CySecBot CySecBot
Month: December 2021
Livery Delivers a Seamless Low Latency Streaming Experience with Help from Akamai
Our new normal has ushered in the advent of hybrid events ? a mix of in-person and virtual events. This has made seamless live streaming with active participation of the audience, both live and remote, more important than ever. Amsterdam-headquartered …
Magecart Skimmers Are Alive and Well ? Constant Vigilance Is Required
Magecart skimmers are here to stay, and they?re becoming more sophisticated, more creative, and harder to detect. In this post, we reveal a new skimmer infrastructure that targets ecommerce sites all over the world with advanced methods of detection ev…
Promotion List
Defense Minister Shoygu greeted 14 of 24 new general / flag officers with their new shoulderboards. Some to watch: Teplinskiy, Yudin, Kontsevoy, Mordvichev, Solodchuk, Pyatayev. Continue reading
Log4j CVE-2021-44228
We are fairly confident that we are not vulnerable to the Log4J bug, but we will be releasing an update soon with an updated version of Log4J. Stay tuned.
EDIT: Please download 5.1.4-b2090 for the log4j update as well as a few other libraries.
CVE-2021-44228 – Patching is Recommended for Evolving Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution. This inclu…
CVE-2021-44228 – Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
See how Akamai helped open-source logging library Log4j fight against a critical unauthenticated remote code execution (RCE) vulnerability and reduce customer exposure.
modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update]
As a fast workaround, a friend of mine made a modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell, which he allowed me to share with you. SecRule \ ARGS|REQUEST_HEADERS|REQUEST_URI|REQUEST_BODY|REQUEST_COOKIES|REQUEST_LINE|QUERY_STRING “jndi:ldap:” \ “phase:1, \ id:751001, \ t:none, \ deny, \ status:403, \ log, \ auditlog, \ msg:’Block: CVE-2021-44228 – deny pattern \”jndi:ldap:\”‘, \ severity:’5’, \ rev:1, \ tag:’no_ar'” New […]
The post modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update] first appeared on Robert Penz Blog.
Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell
You surely heard of the LogJam / Log4Shell / CVE-2021-44228 – if not, take a look at this blog post. If you’re running Jitsi is most likely vulnerable and as there is no fix currently, you need a workaround which I provide here for you. You need to add -Dlog4j2.formatMsgNoLookups=True at the correct places in […]
The post Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell first appeared on Robert Penz Blog.
Sign up to our newsletter for a weekly roundup of travel news
CNN.com – RSS Channel – World CNN.com – RSS Channel – World https://www.cnn.com/world/index.html GlobalNewsBot GlobalNewsBot