NEW LOG4J JAVA LIBRARY ZERO-DAY IS BEING EXPLOITED IN THE WILD A proof of concept for a zero-day vulnerability in the very popular Apache Log4j Java library is being shared online. Log4j is used both in enterprises and in cloud services. Products from Apple, Amazon, Twitter and Steam, among others may be vulnerable to remote […]
Continue reading → [DISPLAY_ACURAX_ICONS]Or at least standardized policy language on the subject. Cyber insurance policies have always had language excluding “hostile and warlike actions”, whatever the hell that means. What it means is full employment for lawyers. And a long time before you get paid. The Lloyd’s Market Association, the syndicate that drives Lloyd’s backed policies, has created […]
Continue reading → [DISPLAY_ACURAX_ICONS]While this is probably not news if you were affected, earlier today Amazon had a bit of a problem. Just in time for the Christmas rush, Amazon warehouse workers had a bit of a holiday. Workers reported in social media that warehouses are at a standstill, leaving workers without much to do besides singing karaoke. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last week we got a call from one of our customers, a bit frantic (I am not going to say anything about who they are), asking for an assessment about whether they had been hacked. After a little investigating, we decided that the answer was no, but so began a story that lasted for four […]
Continue reading → [DISPLAY_ACURAX_ICONS]Australia Proposes Law To Force Online Platforms to Disclose User Info Australia plans to introduce legislation that will force social media companies to either take down posts that people don’t like or hand over their user’s information. This isn’t law yet, but I can easily see how this will be gamed. This comes in the […]
Continue reading → [DISPLAY_ACURAX_ICONS]Security firm Black Kite says that 20 percent of America’s largest 100 defense contractors are highly susceptible to a ransomware attack. Why do they say this? Nearly 43% of federal defense contractors have out-of-date systems, giving them a D+ rating for patch management. 42% of contractors have had at least one credential compromised in the […]
Continue reading → [DISPLAY_ACURAX_ICONS]