threatpost.com
Open in
urlscan Pro
35.173.160.135
Public Scan
Submitted URL: https://threatpost.com/category/vulnerabilities///
Effective URL: https://threatpost.com/category/vulnerabilities/
Submission: On December 16 via api from US — Scanned from DE
Effective URL: https://threatpost.com/category/vulnerabilities/
Submission: On December 16 via api from US — Scanned from DE
Form analysis
3 forms found in the DOMPOST /category/vulnerabilities/#gf_5
<form method="post" enctype="multipart/form-data" target="gform_ajax_frame_5" id="gform_5" action="/category/vulnerabilities/#gf_5">
<div class="gform_body">
<ul id="gform_fields_5" class="gform_fields top_label form_sublabel_below description_below">
<li id="field_5_8" class="gfield field_sublabel_below field_description_below gfield_visibility_visible"><label class="gfield_label" for="input_5_8"></label>
<div class="ginput_container ginput_container_text"><input name="input_8" id="input_5_8" type="text" value="" class="medium" placeholder="Your name" aria-invalid="false"></div>
</li>
<li id="field_5_1" class="gfield gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible"><label class="gfield_label" for="input_5_1"><span class="gfield_required">*</span></label>
<div class="ginput_container ginput_container_email">
<input name="input_1" id="input_5_1" type="text" value="" class="medium" placeholder="Your e-mail address" aria-required="true" aria-invalid="false">
</div>
</li>
<li id="field_5_9" class="gfield js-kaspersky-gform-recaptcha-placeholder gform_hidden field_sublabel_below field_description_below gfield_visibility_hidden"><input name="input_9" id="input_5_9" type="hidden" class="gform_hidden"
aria-invalid="false" value=""></li>
<li id="field_5_2" class="gfield input-without-label label-gdpr gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible"><label class="gfield_label"><span class="gfield_required">*</span></label>
<div class="ginput_container ginput_container_checkbox">
<ul class="gfield_checkbox" id="input_5_2">
<li class="gchoice_5_2_1">
<input name="input_2.1" type="checkbox" value="I agree" id="choice_5_2_1">
<label for="choice_5_2_1" id="label_5_2_1">I agree to my personal data being stored and used to receive the newsletter</label>
</li>
</ul>
</div>
</li>
<li id="field_5_5" class="gfield input-without-label label-gdpr gfield_contains_required field_sublabel_below field_description_below gfield_visibility_visible"><label class="gfield_label"><span class="gfield_required">*</span></label>
<div class="ginput_container ginput_container_checkbox">
<ul class="gfield_checkbox" id="input_5_5">
<li class="gchoice_5_5_1">
<input name="input_5.1" type="checkbox" value="I agree" id="choice_5_5_1">
<label for="choice_5_5_1" id="label_5_5_1">I agree to accept information and occasional commercial offers from Threatpost partners</label>
</li>
</ul>
</div>
</li>
<li id="field_5_10" class="gfield gform_validation_container field_sublabel_below field_description_below gfield_visibility_visible"><label class="gfield_label" for="input_5_10">Email</label>
<div class="ginput_container"><input name="input_10" id="input_5_10" type="text" value=""></div>
<div class="gfield_description" id="gfield_description__10">This field is for validation purposes and should be left unchanged.</div>
</li>
</ul>
</div>
<div class="gform_footer top_label"> <input type="submit" id="gform_submit_button_5" class="gform_button button" value="Subscribe" onclick="if(window["gf_submitting_5"]){return false;} window["gf_submitting_5"]=true; "
onkeypress="if( event.keyCode == 13 ){ if(window["gf_submitting_5"]){return false;} window["gf_submitting_5"]=true; jQuery("#gform_5").trigger("submit",[true]); }" style="display: none;"> <input
type="hidden" name="gform_ajax" value="form_id=5&title=&description=&tabindex=0">
<input type="hidden" class="gform_hidden" name="is_submit_5" value="1">
<input type="hidden" class="gform_hidden" name="gform_submit" value="5">
<input type="hidden" class="gform_hidden" name="gform_unique_id" value="">
<input type="hidden" class="gform_hidden" name="state_5" value="WyJbXSIsImIwODQwZTA2ZGQ0NzYwODcyOTBkZjNmZDM1NDk2Y2ZkIl0=">
<input type="hidden" class="gform_hidden" name="gform_target_page_number_5" id="gform_target_page_number_5" value="0">
<input type="hidden" class="gform_hidden" name="gform_source_page_number_5" id="gform_source_page_number_5" value="1">
<input type="hidden" name="gform_field_values" value="">
</div>
</form>
GET https://threatpost.com/
<form class="c-site-search__form" role="search" method="get" action="https://threatpost.com/">
<input type="text" class="c-site-search__field" name="s" placeholder="Search">
<button type="submit" class="c-button c-button--secondary c-button--smaller c-site-search__button" value="Search"><svg class="icon fill">
<use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg#icon-search"></use>
</svg> Search</button>
<div class="c-site-search__overlay"></div>
</form>
GET https://threatpost.com/
<form class="c-site-search__form" role="search" method="get" action="https://threatpost.com/">
<input type="text" class="c-site-search__field" name="s" placeholder="Search">
<button type="submit" class="c-button c-button--secondary c-button--smaller c-site-search__button" value="Search"><svg class="icon fill">
<use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg#icon-search"></use>
</svg> Search</button>
<div class="c-site-search__overlay"></div>
</form>
Text Content
Newsletter SUBSCRIBE TO OUR THREATPOST TODAY NEWSLETTER Join thousands of people who receive the latest breaking cybersecurity news every day. The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. * * * * * * * I agree to my personal data being stored and used to receive the newsletter * * * I agree to accept information and occasional commercial offers from Threatpost partners * Email This field is for validation purposes and should be left unchanged. This iframe contains the logic required to handle Ajax powered Gravity Forms. The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter. Threatpost * Cloud Security * Malware * Vulnerabilities * InfoSec Insiders * Webinars * * * * * * * Search VULNERABILITIES -------------------------------------------------------------------------------- RELENTLESS LOG4J ATTACKS INCLUDE STATE ACTORS, POSSIBLE WORM More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. by Becky Bracken December 15, 2021 SAP KICKS LOG4SHELL VULNERABILITY OUT OF 20 APPS SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. by Lisa Vaas December 15, 2021 APACHE’S FIX FOR LOG4SHELL CAN LEAD TO DOS ATTACKS Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. by Elizabeth Montalbano December 15, 2021 -------------------------------------------------------------------------------- 2022: SUPPLY-CHAIN CHRONIC PAIN & SAAS SECURITY MELTDOWNS InfoSec Insider December 14, 2021 Sounil Yu, CISO at JupiterOne, discusses the growing mesh of integrations between SaaS applications, which enables automated business workflows – and rampant lateral movement by attackers, well outside IT’s purview. InfoSec Insider December 14, 2021 APPLE IOS UPDATE FIXES CRINGEY IPHONE 13 JAILBREAK EXPLOIT by Lisa Vaas December 14, 2021 It took just 15 seconds to hack the latest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-fixed iOS kernel bug. by Lisa Vaas December 14, 2021 ACTIVELY EXPLOITED MICROSOFT ZERO-DAY ALLOWS APP SPOOFING, MALWARE DELIVERY by Tara Seals December 14, 2021 December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. by Tara Seals December 14, 2021 WHAT THE LOG4SHELL BUG MEANS FOR SMBS: EXPERTS WEIGH IN by Tara Seals December 14, 2021 3 An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate. by Tara Seals December 14, 2021 3 HOW TO BUY PRECIOUS PATCHING TIME AS LOG4J EXPLOITS FLY by Lisa Vaas December 14, 2021 1 Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. by Lisa Vaas December 14, 2021 1 WHERE THE LATEST LOG4SHELL ATTACKS ARE COMING FROM by Becky Bracken December 13, 2021 1 Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. by Becky Bracken December 13, 2021 1 LOG4SHELL IS SPAWNING EVEN NASTIER MUTATIONS by Lisa Vaas December 13, 2021 2 What some call the worst cybersecurity catastrophe of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. by Lisa Vaas December 13, 2021 2 Load more INFOSEC INSIDER * 2022: SUPPLY-CHAIN CHRONIC PAIN & SAAS SECURITY MELTDOWNS December 14, 2021 * NEXT-GEN MALDOCS & HOW TO SOLVE THE HUMAN VULNERABILITY December 10, 2021 * NOT WITH A BANG BUT A WHISPER: THE SHIFT TO STEALTHY C2 December 8, 2021 * ARE YOU GUILTY OF THESE 8 NETWORK-SECURITY BAD PRACTICES? December 6, 2021 * PANDEMIC-INFLUENCED CAR SHOPPING: JUST USE THE MANUFACTURER API December 3, 2021 Newsletter SUBSCRIBE TO THREATPOST TODAY Join thousands of people who receive the latest breaking cybersecurity news every day. Subscribe now Twitter There’s a sea of unstructured data on the internet relating to the latest #cybersecurity threats. Join Threatpost’s… https://t.co/y6ZfyTh5I0 6 days ago Follow @threatpost NEXT 00:02 01:17 360p 720p HD 1080p HD Auto (360p) About Connatix V142882 Closed Captions About Connatix V142882 1/1 Skip Ad Continue watching This Day in History after the ad Visit Advertiser website GO TO PAGE SUBSCRIBE TO OUR NEWSLETTER, THREATPOST TODAY! Get the latest breaking news delivered daily to your inbox. Subscribe now Threatpost The First Stop For Security News * Home * About Us * Contact Us * Advertise With Us * RSS Feeds * Copyright © 2021 Threatpost * Privacy Policy * Terms and Conditions * Advertise * * * * * * * TOPICS * Black Hat * Breaking News * Cloud Security * Critical Infrastructure * Cryptography * Facebook * Government * Hacks * IoT * Malware * Mobile Security * Podcasts * Privacy * RSAC * Security Analyst Summit * Videos * Vulnerabilities * Web Security Threatpost * * * * * * * TOPICS * Cloud Security * Malware * Vulnerabilities * Privacy Show all * Black Hat * Critical Infrastructure * Cryptography * Facebook * Featured * Government * Hacks * IoT * Mobile Security * Podcasts * RSAC * Security Analyst Summit * Slideshow * Videos * Web Security AUTHORS * Tara Seals * Tom Spring * Lisa Vaas THREATPOST * Home * About Us * Contact Us * Advertise With Us * RSS Feeds Search * * * * * * * InfoSec Insider INFOSEC INSIDER POST Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial. Sponsored SPONSORED CONTENT Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content. We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information. ACCEPT AND CLOSE