Incredibly screwed. The log4j exploit is a 10/10 on the common vulnerability scoring system. I.e. time to care. gizmodo.com/log4j-just-how…
"Apache’s log4j, is a free and open-source logging library that droves of companies use. It's free and widely trusted, companies large and small have been employing it for all kinds of stuff. The irony, of course, is that this bug-checking tool now has a bug"
"afflicted include big names like Apple, Twitter, Amazon, LinkedIn, CloudFlare. Cloud computing firm VMWare, for instance, reports that 44 of its products are impacted. Networking giant Cisco says that 35 of its tools are vulnerable"
"So, that’s the bad news. The good news? JK, there isn’t any good news. Instead, there’s more bad news: This gaping vulnerability is already seeing mass exploitation attempts by hordes of cybercriminals."
"most criminals appear to have found out about the log4j vuln at the same time as everybody else. Thus, exploitation attempts on vulnerable systems and platforms have increased exponentially since last week"
"Dec 10th saw 1000s of attack attempts, rising to over 40,000 Dec 11th. 24h after the outbreak we recorded 200,000 attempts of attack.

As of the time these lines are written, 72 hours post initial outbreak, the number hit over 800,000 attacks"
“We’re seeing >1,000 attempted exploits per second. And payloads getting scarier. Ransomware payloads started in force in last 24 hours”
"If you’re a casual web user, the only thing you can really do at this point is to update your devices and applications when prompted and hope that the platforms you’re relying on are speedy enough to identify the vulnerabilities, conjure up patches, and push out updates"
The great walk-through was done by @LucasRopek1 at @Gizmodo.

