Here are few things

Apache Log Bug (s….) Bad things come in threes: Apache reveals another Log4J bug Third major fix in ten days is an infinite recursion flaw rated 7.5/10 see

And IoT not getting any better: Security vendor F-Secure has faked a COVID test result on a Bluetooth-equipped home COVID Test. Thankfully the vendor’s since fixed the device. see

Happy Birthday to KrepsOnSecurity!  Maybe “celebrate” is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this site’s birthday also is a welcome opportunity to thank you all for your continued readership and support, which helps keep the content here free to everyone. Keep up the fine work Brian! More here: