Categories: Latest Cyber News

The Log4j debacle showed again that public disclosure of 0-days only helps attackers

On December 9, 2021, a (now deleted) tweet linking to a 0-day proof of concept (PoC) exploit (also now deleted) for the Log4Shell vulnerability on GitHub set the internet on fire and sent companies scrambling to mitigate, patch and then patch again as additional PoCs appeared. Public vulnerability disclosure – i.e., the act of revealing to the world the existence of a bug in a piece of software,…

\\ This article first appeared elsewhere. You can find the original write up here //

«
»
Other cyber news you might have missed: