Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation

13 December 2021

Several days have passed since the dramatic reveal of CVE-2021-44228 (aka Log4Shell), an easily exploitable (without authentication) RCE flaw in Apache Log4j, a popular open-source Java-based logging utility that’s seemingly used by most enterprise applications out there. The existence of the vulnerability and the public release of PoCs exploiting it have made this weekend a nightmare for those that are tasked with mitigating its fallout and keeping company systems and networks secure.

Read full article on Help Net Security

Date:

13 December 2021

Categorie(s):

NEWS

Tag(s):

Apache, Apache Solr, Apache Struts, Attacks, Cisco

How workforce reductions affect cybersecurity postures8 May 2024
UnitedHealth’s ‘egregious negligence’ led to Change Healthcare infection8 May 2024
Australia news live: Sydney councillor defends library ban on same-sex parenting book; Lehrmann trial costs decision due Friday8 May 2024
News live: Australia confers with New Zealand on Rafah and looming UN vote; Lehrmann trial costs decision due Friday8 May 2024
Alleged LockBit admin and lead developer named and targeted by US, UK and Australian authorities8 May 2024