Main service external DDOS attack – Security Advisory Update // 14-Jun-2021 (Click to expand)
UPD (from 13:00 GMT): DDOS attack was successfully repelled.
The measures taken will work preventively in the future.
Today, June 14, 2022, our service has faced an external DDOS attack on our server infrastructure at AWS.
The attack was recognized, and measures were taken to contain it.
Perhaps your access to the application has been temporarily degraded because we didn't disable the service but filtered the spurious traffic from the useful one.
Please note that no data damage has been done. No data leaks have been recorded.
The team is coherently and systematically solving the task of improving the availability of the service under external attack.
Details and updates will be communicated.
OPS-Team YayPay by Quadient.Delete
Spring4Shell vulnerability – Security Advisory Update // 31-Mar-2022 (Click to expand)
With news of the high severity, Spring4Shell vulnerability (CVE-2022-22965), announced on March 31, 2022, YayPay has reviewed all environments, systems, components, and dependencies and we can confirm that none of YayPay's systems are impacted by this vulnerability and our customers and partners have not been affected in any way!
Due to the severe and widespread nature of this vulnerability, our Team is continuing to actively monitor the situation and is ready to respond and provide additional information if needed.
Should you have any questions, please contact us:
CVE-2022-22965 description from the Vulnerability Database - https://tanzu.vmware.com/security/cve-2022-22965
Apache Log4j vulnerability – Security Advisory Update // 10-Dec-2021 (Click to expand)
With news of the high severity, Apache Log4j Java logging vulnerability (CVE-2021-44228), announced on Friday, December 10, 2021, YayPay has reviewed all environments, systems, components, and dependencies and we can confirm that none of YayPay's systems are impacted by this vulnerability and that our customers and partners have not been affected in any way!
CVE-2021-44228 description from the U.S. National Vulnerability Database - https://nvd.nist.gov/vuln/detail/CVE-2021-44228Delete