Andre Bluehs

Protection against CVE-2021-45046, the additional Log4j RCE vulnerability

2021-12-15

Log4J Log4Shell WAF Rules Security Vulnerabilities

This vulnerability is actively being exploited and anyone using Log4J should update to version 2.16.0 as soon as possible. Latest version is available on the Log4J download page....

Gabriel Gabor
Andre Bluehs

CVE-2021-44228 - Log4j RCE 0-day mitigation

2021-12-10

Vulnerabilities Zero Day Threats WAF Rules Security Log4J Log4Shell

A zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021, that results in remote code execution (RCE)....

Gabriel Gabor
Andre Bluehs

Using HPKE to Encrypt Request Payloads

2021-02-19

WAF WAF Rules Security Firewall Cryptography

Allowing users to securely log parts of the request that match firewall rules while making it impossible for anyone else to decrypt....

Miguel de Moura
Andre Bluehs