Apache Releases Security Update for HTTP Server

Original release date: December 22, 2021The Apache Software Foundation has released Apache HTTP Server 2.4.52. This version addresses vulnerabilities—CVE-2021-44790 and CVE-2021-44224—one of which may allow a remote attacker to take…

Comments Off on Apache Releases Security Update for HTTP Server

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

Original release date: December 22, 2021CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the cybersecurity authorities of Australia, Canada, New Zealand, and the United Kingdom…

Comments Off on Mitigating Log4Shell and Other Log4j-Related Vulnerabilities

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Original release date: December 15, 2021CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in…

Comments Off on CISA Adds Two Known Exploited Vulnerabilities to Catalog

SAP Releases December 2021 Security Updates

Original release date: December 14, 2021SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected…

Comments Off on SAP Releases December 2021 Security Updates

Microsoft Releases December 2021 Security Updates

Original release date: December 14, 2021Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an…

Comments Off on Microsoft Releases December 2021 Security Updates

CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228

Original release date: December 13, 2021CISA and its partners, through the Joint Cyber Defense Collaborative, are tracking and responding to active, widespread exploitation of a critical remote code execution vulnerability…

Comments Off on CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228

CISA Adds Thirteen Known Exploited Vulnerabilities to Catalog

Original release date: December 10, 2021CISA has added thirteen new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in…

Comments Off on CISA Adds Thirteen Known Exploited Vulnerabilities to Catalog