InfoSec News Nuggets 12/13/2021

Hackers start pushing malware in worldwide Log4Shell attacks Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we have compiled the known payloads, scans, and attacks using the Log4j vulnerability. Early Friday morning, an exploit was publicly released for a critical zero-day vulnerability dubbed 'Log4Shell' in the Apache Log4j Java-based logging platform. This vulnerability allows attackers to remotely execute a command…
Read More

InfoSec News Nuggets 2/11/2020

1 -  FBI is investigating more than 1,000 cases of Chinese theft of US technology Members of the US government held a conference in Washington this week on the topic of Chinese theft of intellectual property from US technology firms and the US academic sector. Officials said the purpose of the conference -- named the China Initiative Conference -- was to bring the US private sector and the academic and research communities up to speed…
Read More