Topline Notes

Log4j jam

We talked last week about how there were lots of vendors targeting content to the vulnerabilities found in log4j. For what it’s worth, this really hasn’t gotten traction as a search term. I thought it might do more than other specific vulnerabilities, which generally don’t generate worthwhile search volume over time. But alas, no glory for Log4j, which shows no search volume or 10-40 monthly searches for all the likely variations. If you’re contemplating publishing something about Log4j, rethink. And if you publish for non-SEO reasons, be sure to include the relevant CVEs, as in this (slightly ridiculous) title from @TenableSecurity: CVE-2021-44228, CVE-2021-45046, CVE-2021-4104: Frequently Asked Questions About Log4Shell and Associated Vulnerabilities

Canonical pages

A quick reminder that duplicating larger sections of text on separate web pages is an SEO sin. So if you publish a page in one location, don’t publish a copy elsewhere… unless you inform the search engine gods which of the copies is the “real” one. You do this by using the “canonical” meta-tag. Although some tools will set a self-pointing canonical tag for each page they publish (with or without copies elsewhere), but what really makes the difference is making sure that any copies point back to the original (the canonical) page. One ring to rule them all… 

URL should include primary keyword

With small but reasonable monthly search volume and growing interest in the topic, @LogRhythm is on the right track with this:…. But, strictly seo-wise, not having the url include the target keyword is a missed opportunity. For WordPress shops, this means having the primary keyword in the “slug” for your page or post. 


Krebs on Security
IRS Will Soon Require Selfies for Online Access
If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to will be through , an online identity verification service that requires applicants to submit copies of bills and identity documents, as well as a liv…

The Extended Internet of Things (XIoT) Expands Supply Chain Risk. Are You Prepared?
For the cybersecurity industry, 2021 may go down in history as the year of the software supply chain attack. We began the year still trying to understand the impact of the SolarWinds and Accellion attacks discovered in December 2020, only to see a subsequent flurry of similar attacks against software sold or distributed by vendors and organizations such as Kaseya, Microsoft and, most recently, the open-source Log4j library distributed by the Apache Software Foundation.

Technical – of interest:

MoonBounce: the dark side of UEFI firmware
What happened? At the end of 2021, we were made aware of a UEFI firmware-level compromise through logs from our Firmware Scanner , which has been integrated into Kaspersky products since the beginning of 2019. Further analysis has shown that a single component within the inspected firmware’s image was modified by attackers in a way that allowed them to intercept the original execution flow of the…