We are information security and technology managers, and our blog serves as the way to share useful industry information with you. Here you will find updates about our company as well as stories about key issues in small business IT.
Apache Log4j project CVE-2021-44228 Disclosure
Apache Log4j project disclosed CVE-2021-44228, which is a Critical (CVSS 10.0) remote code execution vulnerability affecting Apache Log4j2 version<= 2.14.1. A subsequent security patch was released on Dec 10, 2021. We have observed widespread scanning and exploitation of this vulnerability over the internet using a publicly available PoC (Proof of Concept) exploit. TechBento has completed investigating [...]