Hello, Many thanks for your visit in 2021, we wish you all the best for the New Year 2022 to all of the loyal readers of Original-Network.com! Hope you have the energy and the element of good fortune we will all need to ensure a successful to the new year and a prosperous future beyond …
Category: Data Protection
Dec 22
[PODCAST] Veeam User Group France #1
Hi! Thank you for coming in a great number 3 weeks ago to Veeam User Group France #1 event focused on Backup Architectures secure by design and Security. I had the opportunity to participate in a live podcast in French with Yoann Castillo (Team Lead Systems Engineering @Veeam), and Eric Machabert (CISO & CTO @Maincare …
Dec 19
Log4J 2.17.0 is published
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 did not protect from uncontrolled recursion from self-referential lookups. When the logging configuration uses a non-default Pattern Layout with a Context Lookup (for example, $${ctx:loginId}), attackers with control over Thread Context Map (MDC) input data can craft malicious input data that contains a recursive lookup, resulting in a StackOverflowError …
Dec 14
Veeam is not affected by Log4J vulnerability
Apache isn’t used by any Veeam product, however, the Veeam security team realized an investigation. Veeam products are not affected by this vulnerability (KB 4254). Basically, Apache Logs4J is not in use by any Veeam products. I’ll cross-post any important updates but you can see the thread yourself here.
Dec 13
Log4J Recommendations – Step by Step Guide
If you’re using any software running on Apache and Java, be aware of this critical zero-day vulnerability. Log4j is a ubiquitous logging tool included in almost every Java application, meaning this vulnerability affects literally millions of servers. The Log4J library vulnerability (CVE-2021-44228) allows an attacker to cause the target system to fetch and execute code …