See how Akamai helped open-source logging library Log4j fight against a critical unauthenticated remote code execution (RCE) vulnerability and reduce customer exposure.
modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update]
As a fast workaround, a friend of mine made a modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell, which he allowed me to share with you.

SecRule \
  ARGS|REQUEST_HEADERS|REQUEST_URI|REQUEST_BODY|REQUEST_COOKIES|REQUEST_LINE|QUERY_STRING "jndi:ldap:" \
  "phase:1, \
  id:751001, \
  t:none, \
  deny, \
  status:403, \
  log, \
  auditlog, \
  msg:'Block: CVE-2021-44228 – deny pattern \"jndi:ldap:\"', \
  severity:'5', \
  rev:1, \
  tag:'no_ar'"

New […]
The post modsecurity rule to filter CVE-2021-44228/LogJam/Log4Shell [update] first appeared on Robert Penz Blog.
Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell
You have surely heard of LogJam / Log4Shell / CVE-2021-44228 – if not, take a look at this blog post. If you're running Jitsi, it is most likely vulnerable, and as there is no fix currently, you need a workaround, which I provide here for you. You need to add -Dlog4j2.formatMsgNoLookups=True at the correct places in […]
The post Jitsi Workaround for CVE-2021-44228/LogJam/Log4Shell first appeared on Robert Penz Blog.
Announcing Property Manager Extensions for the Integrated Development Environment
We're proud to announce the 1.0 release of the Property Manager extension to Visual Studio Code and Eclipse. With the new Property Manager extension, you can edit and validate Property Manager API (PAPI) JSON rule trees right from your integrated deve…
OB Notes
A new OB page. Have been expanding, updating, and rearranging it. But there’s always more to do. Continue reading
Security’s Role in Internet Resilience
One aspect of resilience on the internet is that things, notably servers and resources, move around. Sometimes moves are legitimate, such as when a popular site evolves from hosting their own website to moving to a cloud provider to using a CDN to ha…
Kali Linux 2021.4 Release
With the end of 2021 just around the corner, we are pushing out the last release of the year with Kali Linux 2021.4, which is ready for immediate download or updating.
The summary of the changelog since the 2021.3 release from September 2021 is:
Impro…
2021 SOTI Security: Year End Review
What a year 2021 has been. Even as the world continues to re-open to various degrees, we're still feeling the impact from 2020's move to an almost completely virtual world. Many large companies are shifting to a hybrid model, mixing the ability to work…
Wedia, Digital Asset Management Software Provider, Delivers Seamless Digital Experiences with Help from Akamai
Wedia makes it possible for some of the world's biggest companies to effectively manage, customize, and deliver their marketing assets. Akamai is delighted that this fantastic brand has chosen us to deliver a rich and engaging web experience for its cu…