InfoSec News Nuggets 12/13/2021

Hackers start pushing malware in worldwide Log4Shell attacks Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we have compiled the known payloads, scans, and attacks using the Log4j vulnerability. Early Friday morning, an exploit was publicly released for a critical zero-day vulnerability dubbed 'Log4Shell' in the Apache Log4j Java-based logging platform. This vulnerability allows attackers to remotely execute a command…
Read More

InfoSec News Nuggets 12/10/2021

‘I need my girlfriend off TikTok’: How hackers game abuse-reporting systems One hundred and forty-seven dollar signs fill the opening lines of the computer program. Rendered in an icy blue against a matte black background, each “$” has been carefully placed so that, all together, they spell out a name: “H4xton.” It’s a signature of sorts, and not a subtle one. Actual code doesn’t show up until a third of the way down the screen.…
Read More