Apache
The Threat That Can’t Be Ignored: CVE-2023-46604 in Apache ActiveMQ
[By Mike Walters, President and co-founder of Action1] In 2023, we witnessed numerous security vulnerabilities making headlines, with a few recent examples being CitrixBleed and libwebp. However, there is another vulnerability that demands immediate attention, despite not receiving the level of recognition it truly deserves in the media. Apache ActiveMQ vulnerability, known as CVE-2023-46604, […]
Trending news on Apache Log4J Shell Vulnerability
Belgium Defense Ministry has released a press update that some state funded hackers deployed ransomware of its servers through Log4J Apache software vulnerability. Information is out that the attack took place on December 16th,2021 paralyzing the network and was conducted by exploiting the Java based Apache Library logging software. An update released by the office […]
Serious vulnerability in Apache Logging System
Cybersecurity Researchers from CrowdStrike have found a new zero-day flaw that, as per their analysis, can prove as a worst internet hack ever detected in the history. Dubbed as Log4Shell, the new flaw allows threat actors to log into a system with no authentication, such as passwords. Currently, the susceptibility was witnessed on Microsoft owned […]
Reducing XSS risk with Apache Content Security Policy
This post was originally published here by sergei odnoval. Apache web server is one of the most popular web servers in the world. Its development was started in early 1995 and it quickly began to play the dominant role in the initial growth of the internet. Apache currently holds 25.74% of market share as per […]
What the Apache Struts vulnerability means for you
This post was originally published here by cliff turner. Unless you’ve been avoiding the news lately, you’ve likely heard about a few major breaches and the Apache Struts vulnerabilities associated with them. Apache Struts 2 is an elegant, extensible framework for building enterprise-ready Java web applications. But unfortunately this year there have been multiple security […]
Will it Pwn CVE-2017-5638: Remote Code Execution in Apache Struts 2?
This post was originally published here by AJIN ABRAHAM. A few days back Nike Zheng reported a Remote Code Execution vulnerability in Apache Struts2. The vulnerability exploits a bug in Jakarta’s Multipart parser used by Apache Struts2 to achieve remote code execution by sending a crafted Content-Type header in the request. This is a perfect example for […]
