{"id":72211,"date":"2021-12-10T16:57:34","date_gmt":"2021-12-10T21:57:34","guid":{"rendered":"http:\/\/bangla.salearningschool.com\/recent-posts\/psa-major-java-vulnerability-in-log4j-and-actionable-links\/"},"modified":"2021-12-10T16:57:34","modified_gmt":"2021-12-10T21:57:34","slug":"psa-major-java-vulnerability-in-log4j-and-actionable-links","status":"publish","type":"post","link":"http:\/\/bangla.sitestree.com\/?p=72211","title":{"rendered":"PSA: Major Java Vulnerability in Log4J and Actionable Links"},"content":{"rendered":"<ul>\n<li>The vulnerability is officially designated as <a href=\"https:\/\/email.wordfence.com\/e3t\/Btc\/GC+113\/cwG7R04\/VXc2lk8DyZpLW2fKH_3289l8XVGwS3m4BX6HGN6pj1WN3lLBmV1-WJV7CgGWTW9gHw126154YyW3-slgr2F_b3ZW1Dvr4p2hx--YW4x4qXC3d7Wx1W745z1Z3CjMx1W7vpPbg7FyvZ8W2HBnWK31RXTcW9h04XH67Z8prW5klv1y3qXdTLW4CQ8fq7FhFW-W99qlPk6BgBK4W83TMx64dqg9fW6z1Hpr23CHLdVgPHKM67gNZ3W29P4R68j6vfrW3z0v4z44CG5JW3ZPVQ923J9GFW230vxD8B-_z5W4JMlgg2NjF-rW2x6ZwN417Nq7W4-b0pJ7gQpLyW82RxmR1wWBjl3bR71\">CVE-2021-44228<\/a><\/li>\n<li>The Apache foundation has <a href=\"https:\/\/email.wordfence.com\/e3t\/Btc\/GC+113\/cwG7R04\/VXc2lk8DyZpLW2fKH_3289l8XVGwS3m4BX6HGN6pj1WN3lLBmV1-WJV7CgC58W2vsjv54qYC2hN3FkwMBq7xG8W558CsW6t3-BLVYgjvf21q3HxVzttb-6ty-ghW73h5Sn82sD8mW1btZyc5w_pnFW13GTvj3sb_b9VwQQgH3MFP9kW2CQ0zx90vTH4W4Sw_bB2bMpmzW1zCmmB9c1fZvVgSyFX5yF0t0N6fdJq54Bh6SW4jl4W72bz14LW5ZwYvr6pLgywW6QrNtF7gHLwSW5wg5jC2YMyGtW1NSx9g8b8KbMW6ftyCy58BrP4W23Qglt4wQ3tzN9dBymK38DwK33Qk1\">released a fix<\/a>.<\/li>\n<li><a 
href=\"https:\/\/email.wordfence.com\/e3t\/Btc\/GC+113\/cwG7R04\/VXc2lk8DyZpLW2fKH_3289l8XVGwS3m4BX6HGN6pj1XZ3lLCyV1-WJV7CgQ_CW5y-qnV2RPGVbVdw7fp3_RQK5W18cdN33fNwf4W3TP72R47P5tJW2ZwHBG3dsv0hW7VWG9N54m-mnW3RG2Kq7bKSRzW8jLjqc7-FbTGW92y9gN5PBScfW7XD15r6f60MkW385sMp7G6gNSV1NJ292CD_grW7JTVWR66LKxDN5m4DTRw6bhLW7zrDtc5WM1f7W92mGSx64TjCnW5hvMcs66r0HkW6FYXCD4z_zsfW2zgqX82g1LwyW7chL4W2sHjLwW5mj6v-4817ztW4y4VHP20FcmZW6zFzLF4QBDFgW5dtMFp3Xw8DGW6ZXlv-6kX49fW1fpp283Xxyc0W1bV0tQ6vRzWrW1t9Xrf4JzXntN8wnrd_2G9NZW8Tb63q597gY937gM1\">Ars Technica: Zero-day in ubiquitous Log4j tool poses a grave threat to the Internet<\/a><\/li>\n<li><a href=\"https:\/\/email.wordfence.com\/e3t\/Btc\/GC+113\/cwG7R04\/VXc2lk8DyZpLW2fKH_3289l8XVGwS3m4BX6HGN6pj1XG3lLCfV1-WJV7CgTzkW3TG5xX1Xft-yN7PfdTNlyJCKW4n42KT7dRxR4VS54Ps4_DLgBW6Mz4Ql59jxHPW5FHYVK8znXTBW4kjQC35rxmX5W1xpRHM6J5RP_W3_Ms6M7yBXDKW2VXszd4Lz6wgW4rrmvL2clnnCW3j-YVS7_DF71W4zJd-G2JHfc2W6k1zb65VCdyjN7gClwMNgWfhW7413-z478sM0W1Qqt9y5Rw-7gV7mFLQ8X2p9fW8Cvp6W4bH8BLVhYtN48yxxHHN8M0PtPqZjlMN4jCSqcR0_rBW43stXq60Psr6W3n1Fhm1y_x7fW7YZvF_1x5Vx7W3ZbS3C5W1GxFW8_17835p42xSW10TsrQ4Ws_DQ3b341\">ZDNet: Security warning: New zero-day in the Log4j Java library is already being exploited<\/a><\/li>\n<li><a href=\"https:\/\/email.wordfence.com\/e3t\/Btc\/GC+113\/cwG7R04\/VXc2lk8DyZpLW2fKH_3289l8XVGwS3m4BX6HGN6pj1WN3lLBmV1-WJV7CgRF2W4JglBW72QkMyW8YP8MJ53kRg0W1MwxtN7Q0gxlW743N4H8-vjBFW8fWy959dRqMjW1vRz0l37vtbsW85KHjg5zymKXW3HccvF1_fg27W71Cypc1VBL3hW8sCqRy4RVTVBW5qyz4C8ld8R5W3CGlMq1yl_mPW74_4wz4vN4pSV28QQF6Dyj68W8Jnbt27gnb8gW31GGl124BL30W6q1fRk3451GcW8g6f0x26QFZ7W5DBp4Y71_8JvW5R1z3g1XRD1qW8gxJTs84nDDMN15SW-hR36zY3jYX1\">A thread by Marcus Hutchins<\/a><\/li>\n<li><a 
href=\"https:\/\/email.wordfence.com\/e3t\/Btc\/GC+113\/cwG7R04\/VXc2lk8DyZpLW2fKH_3289l8XVGwS3m4BX6HGN6pj1WN3lLBmV1-WJV7CgRrhW67GKrs9fZ5FSW8rYfQS8ZtR5hW52jx4X3RrrWqW1hBpdm74mczXW5sFV1p2fwDL6W5qgnpb3vvqn2W4tZXXw6gygJCW3h-8Jk6-djXgW3ZXjYM7RyB63W3PcjR24JJwXdW1TvM0w8XLdb7W8gbcFF1DxxgGW7B54T51wzQZXW8zZKH751f9K0W1XRQ5L5VdHFFW2G0JcQ5t0hj8W2vJlQ15S1g9LW3zm5Z130WP5mW7YtTHH2XWNDbW1sNxfW7r4srkW82_YmG65R7vkW8KBLHm86mwfZ37Xt1\">A disorganized list of vulnerable stuff already found.<\/a><\/li>\n<li><a href=\"https:\/\/email.wordfence.com\/e3t\/Btc\/GC+113\/cwG7R04\/VXc2lk8DyZpLW2fKH_3289l8XVGwS3m4BX6HGN6pj1Xm3lLBZV1-WJV7CgQL1W7Cl0Bq7x5FDdW8Q9ZLF47n3j5W3WH37P5FF2xcW11YS8V2-5w6MW3ynsK-5MZhwrW4dbWZc313hKKW2R1n_F7R05gvN2xJ2S0S6QW4W1kj68B8QV1HkW2M6hPb5xCz5pN8yqJH0nr-BXW5fc7Yg8-xwxpVs_qPK1zx_PQW5kPJyT4XPR54W1fJ_r48BGbtPW8np4H-6MGbWyW86FRsl85YSxRW1ZD27R42SWfCW5Rp_TQ5rbxrMW94VyVm4jr2RCW4zYPgJ1b-39LN74sTnm5N7MHW1wx9vk8V-vnpW32vZJw7CP03cW5XrkM88Gz-qqW957ZzX4w_gsD3f741\">A proof of concept, if you&#8217;re a researcher.<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The vulnerability is officially designated as CVE-2021-44228 The Apache foundation has released a fix. Ars Technica: Zero-day in ubiquitous Log4j tool poses a grave threat to the Internet ZDNet: Security warning: New zero-day in the Log4j Java library is already being exploited A thread by Marcus Hutchins A disorganized list of vulnerable stuff already found. 
&hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"http:\/\/bangla.sitestree.com\/?p=72211\">Continue reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[182],"tags":[],"class_list":["post-72211","post","type-post","status-publish","format-standard","hentry","category---blog","item-wrap"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/72211","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=72211"}],"version-history":[{"count":0,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/72211\/revisions"}],"wp:attachment":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=72211"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=72211"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=72211"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}