On December 9, a severe remote code vulnerability was revealed in Apache’s Log4J library, a Java-based logging tool widely used in applications around the world. This vulnerability allows an attacker who can control log messages to execute arbitrary code loaded from attacker-controlled servers – impacting a broad range of services and applications.Logz.io has been aware of the … [Read more...] about Logz.io Security Update: Log4j / Log4Shell Vulnerability Response
Log4Shell
Hackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell Attacks
Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked as CVE-2021-35247 (CVSS score: 5.3), the issue is an "input validation vulnerability that could allow attackers to build a query given some input … [Read more...] about Hackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell Attacks
Investigate Log4Shell exploits with Elastic Security and Observability
OverviewFollowing the discovery of Log4Shell, a vulnerability in Log4J2, Elastic released a blog post describing how users of our platform can leverage Elastic Security to help defend their networks. We also released an advisory detailing how Elastic products and users are impacted.In this blog, we expand on these initial posts and highlight how the combination of security and … [Read more...] about Investigate Log4Shell exploits with Elastic Security and Observability
Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution
A never-before-seen China-based targeted intrusion adversary dubbed Aquatic Panda has been observed leveraging critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and credential harvesting on targeted systems. Cybersecurity firm CrowdStrike said the infiltration, which was ultimately … [Read more...] about Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution
AQUATIC PANDA in Possession of Log4Shell Exploit Tools
Following the Dec. 9, 2021, announcement of the Log4j vulnerability, CVE 2021-44228, CrowdStrike Falcon OverWatch™ has provided customers with unrivaled protection and 24/7/365 vigilance in the face of heightened uncertainty. To OverWatch, Log4Shell is simply the latest vulnerability to exploit — a new access vector among a sea of many others. Adversarial behavior … [Read more...] about AQUATIC PANDA in Possession of Log4Shell Exploit Tools
How to Baseline and Hunt Log4Shell with the Falcon Platform
Note: This post first appeared in r/CrowdStrike. First and foremost: if you’re reading this post, I hope you’re doing well and have been able to achieve some semblance of balance between life and work. It has been, I think we can all agree, a wild December in cybersecurity (again). At this time, it’s very likely that you and your team are in the throes of hunting, assessing … [Read more...] about How to Baseline and Hunt Log4Shell with the Falcon Platform
How CrowdStrike Protects Customers from Log4Shell Threats
Log4Shell, the latest critical vulnerability, found in the Log4j2 Apache Logging Services library, poses a serious threat to organizations Active attempts to exploit the vulnerability were identified in the wild, currently making it the most severe threat CrowdStrike utilizes indicators of attack (IOAs) and machine learning to protect our customers CrowdStrike continues to … [Read more...] about How CrowdStrike Protects Customers from Log4Shell Threats
Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack
Threat actors are actively weaponizing unpatched servers affected by the newly identified "Log4Shell" vulnerability in Log4j to install cryptocurrency miners, Cobalt Strike, and recruit the devices into a botnet, even as telemetry signs point to exploitation of the flaw nine days before it even came to light. Netlab, the networking security division of Chinese tech giant Qihoo … [Read more...] about Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack
Log4Shell: critical vulnerability in Apache Log4j
Various information security news outlets reported on the discovery of critical vulnerability CVE-2021-44228 in the Apache Log4j library (CVSS severity level 10 out of 10). Millions of Java applications use this library to log error messages. To make matters worse, attackers are already actively exploiting this vulnerability. For this reason, the Apache Foundation recommends … [Read more...] about Log4Shell: critical vulnerability in Apache Log4j