Cynet Log4Shell Webinar: A Thorough - And Clear - Explanation

Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed before it was discovered. The past couple of months have had security teams scrambling to patch the Log4Shell vulnerability found in Apache...

UniFi Network Application Unauthenticated Log4Shell Remote Code Execution Exploit

The Ubiquiti UniFi Network Application versions 5.13.29 through 6.5.53 are affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server via the remember field of a POST request to the /api/login endpoint that will cause the server to connect to the attacker and...

VMware vCenter Server Unauthenticated JNDI Injection RCE (via Log4Shell)

VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux virtua...

Open-Source Security: Getting to the Root of the Problem

The past few weeks have shown us the importance and wide reach of open-source security. In December 2021, public disclosure of the Log4Shell vulnerability in Log4j, an open-source logging library, caused a cascade of dependency analysis by developers in organizations around the world. The inciden...

Log4shell Vulnerability is the Coal in Our Stocking for 2021

Log4Shell Vulnerability is the Coal in our Stocking for 2021 By Steve Povolny and Douglas McKee · January 19, 2022 Overview On December 9, a vulnerability CVE-2021-44228 was released on Twitter along with a PoC on GitHub for the Apache Log4j logging library. The bug was originally disclosed to...

Log4J and The Memory That Knew Too Much

Log4J and The Memory That Knew Too Much By Trellix · January 19, 2022 By Guilherme Venere, Ismael Valenzuela, Carlos Diaz, Cesar Vargas, Leandro Costantino, Juan Olle, Jose Luis Sanchez Martinez, AC3 Team Collaborators: Steve Povolny, Douglas McKee, Mark Bereza, Frederick House, Dileep Kumar...

Log4Shell HTTP Header Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Log4Shell HTTP Header Injection', 'Description' = %q Versions of Apache Log4j2 impacted by CVE-2021-44228 which allow JNDI features used in...

OPENSUSE-SU-2021:1613-1 Security update for logback

This update for logback fixes the following issues: Upgrade to version 1.2.8 + In response to log4Shell/CVE-2021-44228, all JNDI lookup code in logback has been disabled until further notice. This impacts ContextJNDISelector and insertFromJNDI element in configuration files. + Also in response to...

OPENSUSE-SU-2021:1612-1 Security update for log4j12

This update for log4j12 fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662 This update was imported from the SUSE:SLE-15-SP2:Update update project...

PYSA Emerges as Top Ransomware Actor in November

PYSA, which is also known by Mespinoza, has overtaken Conti as the top ransomware threat group for the month of November. It joined Lockbit, which has dominated the space since August. According to NCC Group’s November insights on the ransomware sector, PYSA increased its market share with a 50...

How to detect Apache HTTP Server Exploitation

With recent news of the critical, zero-day vulnerability Apache Log4Shell, we explore how to detect and protect your Apache HTTP servers...

Conti Ransomware Gang Has Full Log4Shell Attack Chain

The Conti ransomware gang, which last week became the first professional crimeware outfit to adopt and weaponize the Log4Shell vulnerability, has now built up a holistic attack chain. The sophisticated Russia-based Conti group – which Palo Alto Networks has called “one of the most ruthless” of...

6 Ways to Quickly Detect a Log4Shell Exploit in Your Environment

In recent days, the cybersecurity industry has been rapidly assessing the full impact of the Log4Shell CVE-2021-44228 and CVE-2021-45046 vulnerability. Many organizations are quickly trying to figure out whether this vulnerability is within their environment, and where. The next question a securi...

Security Bulletin: Log4Shell Vulnerability affects IBM SPSS Statistics (CVE-2021-4104)

Summary There is a vulnerability in the version of Log4j that is part of IBM SPSS Statistics. IBM SPSS Statistics has addressed this vulnerability. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by...

SUSE-SU-2021:14866-1 Security update for log4j

This update for log4j fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. bsc1193662...

OPENSUSE-SU-2021:4109-1 Security update for logback

This update for logback fixes the following issues: Upgrade to version 1.2.8 + In response to log4Shell/CVE-2021-44228, all JNDI lookup code in logback has been disabled until further notice. This impacts ContextJNDISelector and insertFromJNDI element in configuration files. + Also in response to...

Security update for logback (important)

openSUSE Security Update: Security update for logback Announcement ID: openSUSE-SU-2021:4109-1 Rating: important References: 1193795 Cross-References: CVE-2021-44228 CVSS scores: CVE-2021-44228 NVD : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2021-44228 SUSE: 9.8...

The Everyperson’s Guide to Log4Shell (CVE-2021-44228)

If you work in security, the chances are that you have spent the last several days urgently responding to the Log4Shell vulnerability CVE-2021-44228, investigating where you have instances of Log4j in your environment, and questioning your vendors about their response. You have likely already rea...

Is Your Web Application Exploitable By Log4Shell Vulnerability?

On December 09, 2021, a critical remote code execution vulnerability was identified in Apache Log4j2 after proof-of-concepts were leaked publicly, affecting Apache Log4j 2.x = 2.15.0-rc1. The vulnerability is being tracked as CVE-2021-44228 with CVSSv3 10 score and affects numerous applications...

Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations

It's been a long few days as organizations' security teams have worked to map, quantify, and mitigate the immense risk presented by the Log4Shell vulnerability within Log4j. As can be imagined, cybercriminals are working overtime as well, as they seek out ways to exploit this vulnerability. Need...