In recent weeks a critical vulnerability (CVE-2021-44228) has been discovered in Log4j2, a popular logging library for Java applications. Attackers can exploit this flaw by performing Remote Code Execution (RCE) on any systems where it is implemented.
Since the introduction of Bitcoin in 2009, and as a result of the global recession during that period, cryptocurrency have been a much-discussed topic across technology, finance, and even global policy. The news is dominated by stories of its impact on our lives and businesses.
Few programming languages generate the same love-hate relationship as JavaScript. For many websites, JavaScript (JS) is a critical coding component that drives client-side programming. Yet JS is also extremely vulnerable to attack since it is easy for hackers to input query strings into website code to access, steal, or contaminate data. Knowing whether your JavaScript is secure is crucial to maintaining a safe user experience for your clients and customers.
Digital forensics is about answering questions and building timelines. Who did what and when. When something malicious takes place on a computer there is evidence that can be collected and used to reconstruct what exactly happened. Depending on the type of events that need to be reconstructed, the evidence required may be difficult to retrieve. In order to make the lives of DFIR professionals easier, LimaCharlie has integrated the Velociraptor open source endpoint visibility tool.
I was logging into one of my favorite online shopping sites the other day, and, as with all my other sites, I was presented with the multi-factor authentication prompt to complete the login process. Anyone who knows me, knows that I have been a long-time supporter of multi-factor, or 2-step verification of any kind.
