Threat Researcher Larry Cashdollar has discovered evidence of the Mirai botnet abusing Log4j vulnerability and shares code examples.
Defensive Security Podcast Episode 260
https://www.csoonline.com/article/3647209/why-you-should-secure-your-embedded-server-management-interfaces.html
https://www.csoonline.com/article/3646613/cybercrime-group-elephant-beetle-lurks-inside-networks-for-months.html
https://www.zdnet.com/artic…
A Log4j Retrospective Part 4: 5 Lessons Learned from Log4j
Read about strategies to help protect against new and more impactful security threats and vulnerabilities in Log4j from Akamai CTO Charlie Gero.
A Log4j Retrospective Part 3: Evolution ? Payloads and Attack Diversification
Blog Blog https://www.akamai.com/blog CySecBot CySecBot
Kali’s stable Docker image is now named kali-last-release
Here is a very quick announcement for users of the Kali Linux Docker Images.
Until recently we used to have a Docker image named simply kali, and it was built from the last versioned release of Kali (e.g. 2019.4, 2020.1, etc.) matching our “kali-…
The Face Your Fear Challenge Winner Has Been Selected!
In October 2021, YourLocalSecurity set out to find one brave soul to face their biggest fear head-on. After reading through all the applications, one person with a fear of gnomes caught our eye. “I have been absolutely terrified of garden gnomes since …
Discover and Announce: A Serverless Location Application Built on Akamai IoT Edge Connect
Learn about Discover and Announce, a 100% serverless application built on Akamai IoT Edge Connect, which can run entirely on the Akamai edge.
What to do when a foreigner dies in Spain
Navigating Spanish bureaucracy is never simple, and this is also true in difficult moments like the death of a loved one. Here are the steps to take if you need to deal with the death of a family member in Spain.
A Log4j Retrospective Part 2: Data Exfiltration and Remote Code Execution Exploits
Akamai CTO Charlie Gero shows how the Log4j threat surface could extend to unpatchable embedded and IoT devices.
Installing Rogue-jndi on Kali Linux
Following the previous tutorial in which we looked at the log4j vulnerability in VMWare vSphere server, I got some questions about how to set up a malicious LDAP server on Linux. The attacker controlled LDAP server is required to provide the malicious …