LINK If you needed more evidence to see how mad log4j could be, here you go.
LINK CISA has added more vulnerabilities that need to be resolved for organizations. If you are looking for a complete list of all these Vulnerabilities, here is a CSV of the list.
MSSPalert has some good content that I wanted to Share for those that are needing Log4j info. Log4j Timeline of Events, Attacks, Advice Patches – LINK Log4j Scanners and Threat Hunters – LINK
LINK There are so many fixes here, I suggest ANYONE that has anything Oracle, go to the above link to see if they are vulnerable to something.
LINK Zoho’s ManageEngine product seems to always be under attack. They just released a new CRITICAL update. Please update your installation.
https://securityaffairs.co/wordpress/126856/hacking/windows-out-of-band-emergency-fixes.htmlLINK January’s patching had some issues, this is supposed to fix those problems.
LINK If you have anything from Ivanti, check the link above to see what might be vulnerable.
LINK Time for CISA’s weekly Vulnerability Update.
LINK Citrix has an update that should be addressed. Not a CRITICAL one, but still important to address.
LINK If you have Juniper, its time to goto the link above, look at the security updates and pursue performing updates. 34 updates have been posted in the last day or two.