444: Mining the Logs
Coder Radio - A podcast by Jupiter Broadcasting - Miercuri
Categories:
The broader software problem the Log4Shell vulnerability reveals, and the story of how Chris lit his Coder robe on fire... While wearing it.Sponsored By:Linode: Receive a $100 60-day credit towards your new account. Promo Code: linode.com/coderNetwork Membership Holiday Discount: Support the entire network, and get access to every member's special feed for every show on the network. Sign up now and save $3/m FOREVER! Promo Code: 2024Support Coder RadioLinks:Apple Silicon Guide — A guide covering Apple Silicon including the applications, libraries and tools that will make you a better and more efficient with your Apple Silicon powered device.notes.jupiterbroadcasting.com — This site is a searchable archive of the show notes for the all Jupiter Broadcasting shows. Home to the best shows on Linux, Open Source, Security, Privacy, Community, Development, and News.How does Jupiter Broadcasting's notes site work? — It was a normal (for 2021) Sunday evening back in July, I was minding my own business, obviously doing something super cool, when I spotted a message from a certain badger-y fellow in the Self Hosted show’s DiscordHackers start pushing malware in worldwide Log4Shell attacks — When the Log4j application parses these logs and encounters the string, the bug will force the server to make a callback, or request, to the URL listed in the JNDI string. Threat actors can then use that URL to pass Base64-encoded commands or Java classes to execute on the vulnerable device. Microsoft quietly told Apple it was willing to turn big Xbox-exclusive games into iPhone apps — In reality, Microsoft was willing to play along with many of Apple’s demands — and it even offered to bring triple-A, Xbox-exclusive games to iPhone to help sweeten the deal. What’s in Apple’s iOS 15.2, iPadOS 15.2? Nude-Image Detection — In order for the feature to work, parents need to enable it on a family-sharing account. Linux Action News 219: Log4Shell Coverage — The Log4Shell vulnerability is making waves this week; we'll explain why and break down how it works.