Security Notices

Support
Security Notices

December 13, 2021

Security warning: New zero-day in the Log4j Java library

CVE-20210-44228 Vulnerability This notice is informational only and does not affect ANY of Paperclip’s services. A new zero-day vulnerability (CVE-2021-44228) has been discovered in the Java logging library Apache Log4j. None of Paperclips’ ...

More
April 22, 2021

Paperclip and Lion Street Announce 2 Factor Authentication

Paperclip, Inc. and Lion Street, Inc. are dedicated to ensuring information security for the systems you rely on. Due to the nature of the information contained in Paperclip VCF, it is necessary we take additional account security measures on your P...

More
December 18, 2020

SolarWinds Orion Code Compromise (Sunburst)

On Sunday December 13, 2020 the Department of Homeland Security (DHS) released Emergency Directive 21-01 about the SolarWinds Orion Code Compromise, now being referred to as SunBurst. The active global attack targets versions 2019.4 through 2020.2....

More
September 25, 2017

Apache CVE-2017-9798

This notice is informational only and does not affect ANY of Paperclip’s services. Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user’s .htaccess file, or if httpd.conf...

More
September 13, 2017

Apache Struts Vulnerability (CVE-2017-9805)

This notice is informational only and does not affect ANY of Paperclip’s services. On September 6, 2017, the Apache Foundation released information on three seperate vulnerabilities affecting Apache Struts. One of the vulnerabilities (CVE-2017-...

More