SSL Secured
| |

Ingest logs into Splunk using TLS

In today’s digital world, organizations are generating massive amounts of log data that contain valuable insights into their systems, applications, and networks. Splunk is a popular platform that helps organizations analyze and visualize this log data to gain insights and improve their operations. Today we are going to discuss ingesting syslog from FireEye HX Cloud…

CVE-2021-45040 webshell
| | | | | |

CVE-2021-45040

A vulnerability (CVE-2021-45040) was reported in Spatie’s Media Library Pro, a Laravel add-on, allowing remote attackers to upload executable files. This happened because the ‘Temporary Upload’ function lacked authentication by default. Other issues include a lack of file name length protection and rate-limiting. Potential solutions include limiting executable file uploads, extending the TemporaryUpload model, and implementing rate limiting. The Laravel Media Library Pro team has since released fixes to address reported issues.