The Log4Shell Debacle

The internet is on fire this week. The worst cybersecurity vulnerability of the last ten years (and perhaps more) has kicked the internet ant hill. Companies around the globe – big and small – are scrambling to repair a gaping hole in a ridiculously mundane but widely popular open source tool called Log4J. What it is and what does it mean for you? I’ll get into all of that today.

In other news: many popular wireless home routers are riddled with security bugs (update your firmware now); family “safety” app Life360 is selling your detailed location data; Consumer Reports released a comprehensive report on VPN security and privacy; Firefox just got a lot more secure; LastPass is once again an independent company; Apple released a lot of cool security and privacy features for iOS and macOS; and Verizon just opted you into a program for tracking you – and how you can opt out. (I’ll touch on T-Mobile and AT&T tracking, too.)

Article Links

  1. Op-Ed: What a house cat can teach us about cybersecurity 
  2. Nine WiFi routers used by millions were vulnerable to 226 flaws 
  3. The Popular Family Safety App Life360 Is Selling Precise Location Data on Its Tens of Millions of Users 
  4. Consumer Reports exhaustive report on VPNs 
  5. The new Firefox 95 might be the most secure web browser on the market 
  6. The Log4Shell 0-day, four days on: What is it, and how bad is it really? 
  7. Widely-Used Kronos Payroll Provider Down for “Weeks” Due to Ransomware Attack; Was Log4Shell Involved? 
  8. LastPass is going to become an independent company
  9. How to Use App Privacy Report in the iOS 15.2 Beta
  10. iOS 15.2 Beta 2 Lets Your Family Access Your Data If You Pass Away 
  11. Hide My Email Available in Mail App With New iOS 15.2 and macOS Monterey 12.1 Betas 
  12. iOS 15.2 Beta Adds Messages Communication Safety Feature for Kids 
  13. Verizon May Have Just Enrolled You in a Data-Collection Scheme–Here’s How to Get Out 

Further Info