The German Federal Office for Information Security warns about the use of antivirus software from the Russian manufacturer Kaspersky. No surprising, since security is a matter of trust. Security software even more so. In the course of the war in Ukraine, a closed-source provider like Kaspersky is hit at its weakest point. Because its customers […]
Hardly any other topic is currently as present as the war in Ukraine, which is claiming numerous civilian and military victims. But in today’s interconnected and digitized world, the threat is not only military attacks, but is also expanding into cyber space. According to the Institute for Economics and Peace (IEP), cyber attacks on Ukraine […]
We are proud to have received ISO certification of our management systems for the aspects of quality (ISO 9001) and information security (ISO 27001) at the end of 2021. Our success makes us grow, and our growth promotes structure and processes. That is why we actively accompany the creation of structures and processes even more […]
Log4j was affected by a vulnerability that allowed Remote Code Execution (RCE) attacks. In short, user inputs into a software could lead to a code execution on a remote server. This represents a severe security risk. It was named “Log4Shell” (CVE-2021-44228) and immediately addressed by the Log4j team, who provided a fix. In the following […]
Greenbone’s vulnerability management finds applications with Log4j vulnerabilities in systems that definitely need to be patched or otherwise protected. Depending on the type of systems and vulnerability, these can be found better or worse. Detection is also constantly improving and being updated. New breaches are found. Therefore, there may always be more systems with Log4Shell […]
Update from 2021-12-20: information about additional vulnerabilities found for Log4j can be found here. Update from 2021-12-20: vulnerability tests for products running on Microsoft Windows are now available. Note: The tests check the existence of Log4j and its version. A separate vulnerability test may not be available for each affected application, but all Log4j files […]
Update from 2021-12-20: information about additional vulnerabilities found for Log4j can be found here. Update from 2021-12-15: the most important FAQ about the Log4j vulnerability detection with Greenbone can be found here. A critical vulnerability (Log4Shell, CVE-2021-44228) in the widely used Java library Log4j has been discovered. Greenbone has integrated local security checks and active […]
SiSyPHuS Win10 is a project of the German Federal Office for Information Security (BSI). Based on an analysis of the security-critical functions in the operating system Microsoft Windows 10, recommendations for action to harden it were developed. These recommendations are now also part of the Greenbone Security Feed in the form of a compliance guideline […]
We are pleased to inform you that the latest version of our operating system Greenbone OS is now available! We have taken many of your wishes into account: the focus of the improvement was the scanning of large networks with many scan results and extensive reports. Among other things, GOS 21.04 offers new hardware, an […]
