CISA Releases SCuBA TRA and eVRF Guidance Documents

CISA has released several documents as part of the Secure Cloud Business Applications SCuBA project: The Technical Reference Architecture TRA document, previously released for public comment on April 19, 2022, is the final version of a security guide that agencies can use to adopt technology for...

CISA Releases Cloud Security Technical Reference Architecture

CISA has released its Cloud Security CS Technical Reference Architecture TRA to guide federal civilian departments and agencies in securely migrating to the cloud. Co-authored by CISA, the United States Digital Service, and the Federal Risk and Authorization Management Program, the CS TRA defines...

MTN Group: Remote code injection in Log4j on http://mtn1app.mtncameroon.net - CVE-2021-44228

The vulnerability CVE-2021-44228, a remote code injection flaw in Log4j, was discovered on the website http://mtn1app.mtncameroon.net. The vulnerability was confirmed to be present on the ports 8080 and 8443 of the website. The issue was demonstrated by retrieving the hostname of the affected...

MS:B64CCF8C-77AA-4D18-9A78-015AD3828250

...