Here’s an overview of some of last week’s most interesting news, articles and interviews:
Log4j exploitation risk is not as high as first thought, cyber MGA says
When the Log4Shell vulnerability (CVE-2021-44228) was publicly revealed in December 2021, CISA Director Jen Easterly said that it is the “most serious” vulnerability she has seen in her decades-long career and it could take years to address.
Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)
Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple.
A “light” February 2022 Patch Tuesday that should not be ignored
February 2022 Patch Tuesday is here and it’s all-around “light” – light in fixed CVE-numbered vulnerabilities (51), extremely light in critical fixes (50 are “important” and one is “moderate”), and light in exploited vulnerabilities (none of the vulnerabilities are listed as under active attack).
End of 2021 witnessed an explosion of RDP brute-force attacks
RDP brute-force attacks escalated throughout all of 2020 and 2021, and the last four months of 2021 brought a further acceleration, with an increase of 274% (from…
