4 Myths About DNS Filtering
Trevagh StankardDNS filtering is essential in protecting against web-based threats such as phishing and malware. Here we explain the risks, features, and benefits of DNS filtering and it can protect employees...
On December 9, 2021, Apache disclosed CVE-2021-44228 , a remote code execution vulnerability affecting the Apache Log4j2, a Java-based logging framework widely used in commercial and open-source software products.
Vulnerability Details
Apache Log4j2 library is one of the most widely used Java-based logging utilities globally. Due to its widespread use in popular software and hardware platforms, a large number of third-party apps may be vulnerable to exploitation.
• CVE-2021-44228: A vulnerability in versions of Log4j2 prior to 2.15 allowing a malicious actor to access arbitrary resources through an encapsulated Java Naming and Directory Interface (JNDI) request.
• CVE-2021-45046: Similar to CVE-2021-44228 but only affecting Log4j2 version 2.15.0 which allows a malicious actor to launch a denial of service (DOS) attack on the hosting server.
Given how ubiquitous this library is, the impact of this zero-day exploit is quite severe. In terms of TitanHQ solutions, we do not use the affected component in any of our products. Nevertheless, as this is a dynamic situation we will continue to monitor for new developments and provide status updates and guidance to our customers as needed.
For advice on your email or web security needs don't hesitate to contact one of our product experts today.
DNS filtering is essential in protecting against web-based threats such as phishing and malware. Here we explain the risks, features, and benefits of DNS filtering and it can protect employees...
Uncover the dangers of workplace password sharing and outdated practices. Learn about secure alternatives like shared mailboxes and permissions and explore modern security practices in this must-read blog.
The imminent Cisco Umbrella Roaming Client End-of-Life has left many users uncertain about their next steps and exploring alternative DNS protection.
Sign-up for email updates...