Critical Vulnerability Affecting Apache Log4j

The Apache Software Foundation has released a security advisory to address a Critical vulnerability: remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1 dubbed Log4Shell by researchers. A remote attacker could exploit this vulnerability to take control of an affected system. This vulnerability is already being used to implant cryptocurrency miners, and researchers have detected mass scanning activity searching for servers using Log4j.  Log4j is an open-source, Java-based logging tool used in many Java-based applications widely used by enterprise applications and cloud services. Therefore, BtCIRT urges all administrators to review the Apache Log4j 2.15.0 Announcement and upgrade...

Bhutan Cyber Security Week

Cyber security threats are growing and can affect anyone, and can have a greater impact on social well being and also on the overall country‚Äôs economy. During the pandemic there were numerous cases of victims of scams and phishing incidents that have led to financial losses for the victims. Therefore, BtCIRT is initiating a week-long cybersecurity awareness campaign to observe the country’s first ever Cyber Security Week from 20 – 25 December, 2021. It is expected to provide a bigger window of opportunity to create cybersecurity awareness among the general public, educate and inspire students and upskill ICT Professionals....