On Friday, a serious new vulnerability was published affecting Log4j, an open-source logging framework that’s widely used across many Java-based enterprise applications and web apps. If correctly exploited, hackers can use this to gain remote access to a business’ servers or IT systems. At 10/10 severity Log4j is one of the most serious IT vulnerabilities to have been discovered in recent memory. Log4J is often installed on both Linux and Windows systems either directly, or often as a requirement of another package or system. By default, Log4J is not included on customers’ UKFast servers, but if you are unsure if…
This Vulnerability Scanning vs Penetration Testing guest blog is authored by Holly Williams, Technical Director of cybersecurity firm Secarma. * I occasionally see the terms vulnerability assessment and penetration test used interchangeably, or even phrases such as ‘automated penetration test’ thrown…