Log4Shell – Page 2 – WindowsTechs.com

Google Cloud offers good news and bad news on Log4Shell, other issues

Posted on February 15, 2022 by AJ Vicens

Google Cloud is seeing 400,000 scans per day for systems vulnerable to the Log4Shell bug, the company said Tuesday. The findings — released as part of the company’s semi-regular Threat Horizons report — show that IT security professionals need to “keep paying attention to this, because the scans keep coming, and if you leave one vulnerable instance open, you’re going to be found,” Phil Venables, the chief information security officer at Google Cloud, told CyberScoop. That said, the companies interacting with Google Cloud have “been very much on top of this,” according to Venables. The warning comes as a reminder, however, to security professionals to keep doing the work of finding the devices and software vulnerable to the Log4Shell bug, which affects versions of the widely used Log4j logging software that haven’t been patched since early December. Shane Huntley, the head of Google’s Threat Analysis Group, said that the daily […]

The post Google Cloud offers good news and bad news on Log4Shell, other issues appeared first on CyberScoop.

Continue reading Google Cloud offers good news and bad news on Log4Shell, other issues→

CISA’s new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug

Posted on February 8, 2022 by Tonya Riley

Changes in federal cybersecurity leadership over the past year allowed the private and public sectors to quickly work together in responding to the disclosure of the Log4shell bug last month, experts said Tuesday at a Senate hearing. Witnesses at the Homeland Security and Governmental Affairs Committee hearing praised the usefulness of the Joint Cyber Defense Collaborative, a new center launched by the Cybersecurity and Infrastructure Security Agency in August to help federal agencies, the private sector and state and local governments collaborate on cyberthreat response. “Its structure provided a body to scramble a snap call on Saturday afternoon after Log4shell emerged to allow industry competitors act as partners with the government to share raw situational awareness and we must continue building upon this partnership,” said Jen Miller-Osborn, deputy director of threat intelligence at Palo Alto Networks’ Unit 42. The witnesses warned that the fallout from Log4shell — a vulnerability in […]

The post CISA’s new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug appeared first on CyberScoop.

Continue reading CISA’s new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug→

How did Alibaba Cloud Security Team engineer discover the log4j vulnerability? Reverse Engineering, Fuzzing, both or?

Posted on January 19, 2022 by Nathan Aw

How did the Alibaba Cloud Security Team engineer discover the Log4Shell (CVE-2021-44228) vulnerability? What was the detailed account of the discovery and/or the events leading up to the discovery?
More importantly, what are the techniques… Continue reading How did Alibaba Cloud Security Team engineer discover the log4j vulnerability? Reverse Engineering, Fuzzing, both or?→

Is log4j-over-slf4j vulnerable to log4shell?

Posted on January 17, 2022 by Vic Seedoubleyew

On my server, I looked at all files containing log4j, and I only have an log4j-over-slf4j jar file.
SLF4J’s page about log4shell states the following:

If you are using log4j-over-slf4j.jar in conjunction with the SLF4J API, you are safe u… Continue reading Is log4j-over-slf4j vulnerable to log4shell?→

Is log4j-over-slf4j vulnerable to log4shell?

Posted on January 17, 2022 by Vic Seedoubleyew

On my server, I looked at all files containing log4j, and I only have an log4j-over-slf4j jar file.
SLF4J’s page about log4shell states the following:

If you are using log4j-over-slf4j.jar in conjunction with the SLF4J API, you are safe u… Continue reading Is log4j-over-slf4j vulnerable to log4shell?→

S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript]

Posted on January 6, 2022 by Paul Ducklin

We’re back for 2022 – listen now! Continue reading S3 Ep64: Log4Shell again, scammers keeping busy, and Apple Home bug [Podcast + Transcript]→

FTC threatens “legal action” over unpatched Log4j and other vulns

Posted on January 5, 2022 by Paul Ducklin

Remember the Equifax breach? Remember the $700m penalty? In case you’d forgotten, here’s the FTC to refresh your memory! Continue reading FTC threatens “legal action” over unpatched Log4j and other vulns→

Chinese hackers use Log4j exploit to go after academic institution

Posted on December 29, 2021 by Tonya Riley

A Chinese hacking group known for industrial espionage and intelligence collection used a vulnerability in Log4j to go after a large academic institution, researchers at CrowdStrike revealed Wednesday. Threat analysts observed the group attempting to install malware after gaining access using a modified version of a Log4j exploit for VMWare Horizon, a virtual workspace technology. CrowdStrike also observed the Chinese hackers trying to harvest credentials for further exploitation. CrowdStrike analysts believe that the group behind the attack, which it is calling “Aquatic Panda,” has likely been active since at least May 2020. Its operations have primarily focused on targets in the telecommunications, technology and government sectors. “Because OverWatch disrupted the attack before AQUATIC PANDA could take action on their objectives, their exact intent is unknown,” Param Singh, vice president of CrowdStrike OverWatch, wrote to CyberScoop in an email. “This adversary, however, is known to use tools to maintain persistence in environments […]

The post Chinese hackers use Log4j exploit to go after academic institution appeared first on CyberScoop.

Continue reading Chinese hackers use Log4j exploit to go after academic institution→

Log4Shell vulnerability Number Four: “Much ado about something”

Posted on December 29, 2021 by Paul Ducklin

It’s a Log4j bug, and you ought to patch it. But we don’t think it’s a critical crisis like the last one. Continue reading Log4Shell vulnerability Number Four: “Much ado about something”→

successfull log4j exploitation, or just normal traffic?

Posted on December 26, 2021 by dalaix

First, thanks in advance and sorry if I’m asking some really silly thing, this is not my expertise 🙂
I have a webserver just for testing my things. Last week I checked if it was vulnerable to log4j CVE and it seemed only Jenkins was using… Continue reading successfull log4j exploitation, or just normal traffic?→