modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update]

Comments Off on modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update]

As a fast workaround, a friend of mine made a modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell, which he allowed me to share with you. SecRule \   ARGS|REQUEST_HEADERS|REQUEST_URI|REQUEST_BODY|REQUEST_COOKIES|REQUEST_LINE|QUERY_STRING “jndi:ldap:” \   “phase:1, \   id:751001, \   t:none, \   deny, \   status:403, \   log, \   auditlog, \   msg:’Block: CVE-2021-44228 – deny pattern \”jndi:ldap:\”‘, \   severity:’5’, \   rev:1, \   tag:’no_ar'” New […]

The post modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update] first appeared on Robert Penz Blog.

Read More >>

Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell

Comments Off on Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell

You surely heard of the LogJam / Log4Shell / CVE-2021-44228 – if not, take a look at this blog post. If you’re running Jitsi is most likely vulnerable and as there is no fix currently, you need a workaround which I provide here for you. You need to add -Dlog4j2.formatMsgNoLookups=True at the correct places in […]

The post Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell first appeared on Robert Penz Blog.

Read More >>

Security’s Role in Internet Resilience

Comments Off on Security’s Role in Internet Resilience

One aspect of resilience on the internet is that things ? notably servers and resources ? move around. Sometimes moves are legitimate, such as when a popular site evolves from hosting their own website to moving to a cloud provider to using a CDN to ha…

Read More >>

Kali Linux 2021.4 Release

Comments Off on Kali Linux 2021.4 Release

With the end of 2021 just around the corner, we are pushing out the last release of the year with Kali Linux 2021.4, which is ready for immediate download or updating.
The summary of the changelog since the 2021.3 release from September 2021 is:

Impro…

Read More >>

2021 SOTI Security: Year End Review

Comments Off on 2021 SOTI Security: Year End Review

What a year 2021 has been. Even as the world continues to re-open to various degrees, we?re still feeling the impact from 2020?s move to an almost completely virtual world. Many large companies are shifting to a hybrid model, mixing the ability to work…

Read More >>

Wedia, Digital Asset Management Software Provider, Delivers Seamless Digital Experiences with Help from Akamai

Comments Off on Wedia, Digital Asset Management Software Provider, Delivers Seamless Digital Experiences with Help from Akamai

Wedia makes it possible for some of the world?s biggest companies to effectively manage, customize, and deliver their marketing assets. Akamai is delighted that this fantastic brand has chosen us to deliver a rich and engaging web experience for its cu…

Read More >>

How Long Do Locksmiths Take?

Comments Off on How Long Do Locksmiths Take?

Few things are more frustrating than being unable to unlock your property. This event can happen when you’ve accidentally locked yourself out of your car or your front door keys no longer work. In either event, you need a locksmith’s help, fast. But how long do locksmiths take to arrive and provide their services? In

The post How Long Do Locksmiths Take? appeared first on Ernie’s Lock Company, Inc..

Read More >>