all InfoSec news
New Spring Framework RCE Vulnerability Confirmed - What to do?
March 30, 2022, 7:56 p.m. | iturunen@sonatype.com (Ilkka Turunen)
Sonatype Blog blog.sonatype.com
Last update: Monday 4 April 16:00 BST - Guidance for Sonatype customers, tweaks
Fri 1 Apr 11.00 BST - Guidance for Sonatype customers, clarified conditions of known exploits, evidence of mass scanning
Thu 31 Mar 16.56 BST - patches released, CURL and Search syntax added, CVSS and CVE added, updated artifact ID, known vulnerable methods, what to expect, mitigations
Sonatype Customers: We have published Find and Fix Spring4shell in our documentation
Early Wednesday morning (GMT), allegations began to appear on …
component vulnerabilities devzone featured framework rce spring spring framework vulnerability
More from blog.sonatype.com / Sonatype Blog
The essential duo of SCA and SBOM management
1 week, 5 days ago |
blog.sonatype.com
Automating and maintaining SBOMs
2 weeks, 5 days ago |
blog.sonatype.com
Cyber readiness and SBOMs
4 weeks, 1 day ago |
blog.sonatype.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
EY GDS Internship Program - SAP, Cyber, IT Consultant or Finance Talents with German language
@ EY | Wrocław, DS, PL, 50-086
Security Architect - 100% Remote (REF1604S)
@ Citizant | Chantilly, VA, United States
Network Security Engineer - Firewall admin (f/m/d)
@ Deutsche Börse | Prague, CZ
Junior Cyber Solutions Consultant
@ Dionach | Glasgow, Scotland, United Kingdom
Senior Software Engineer (Cryptography), Bitkey
@ Block | New York City, United States