Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Flow Use Case: Limit Intruder Dwell Time

Dec 15, 2021 By Devo In Devo
In this use case, a hypothetical attacker used an exploit against our machine in the local network, which triggered an alert from an external security service. Our external service does not provide additional details about the threat. We will use this Flow to combine the external service data and the data extracted by Devo to check if there's any data flow from the victim to the attacker.
View Video
devo

Devo's 2022 Cybersecurity Predictions: Part One

Dec 15, 2021 By Gunter Ollmann In Devo

There’s only one thing that’s certain in cybersecurity: The cyberthreat landscape is constantly changing, and the tools and solutions we have at our disposal to combat cybercrime must continue evolving if we are to stay ahead of — or at least keep up with — them. As 2021 winds down, the Devo security team is already looking ahead to the most pressing cybersecurity trends likely to appear in 2022. Here are my top three predictions for the new year.

Read Post
cyberint

CVE-2021-44228: Log4J2 Remote Code Execution

Dec 12, 2021 By Cyberint In Cyberint
On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache log4j 2 was identified, (Dubbed “Log4Shell” by researchers), affecting massive amounts of servers all over the world. As this vulnerability gains high traction worldwide, it’s important to note, that not only internet facing java applications are vulnerable, as user input can traverse to another non-internet facing machines and exploit these as well.
Read Post
armo

How to Use Kubernetes Audit Logs to Identify Potential Security Issues

Dec 11, 2021 By Amir Kaushansky In ARMO

Audit logging involves recording transactions and system events, making it an invaluable tool for regulatory compliance, digital forensics, and information security. In a typical Kubernetes ecosystem, auditing involves providing chronological, activity-relevant records documenting events and actions in a cluster. Modern logging tools come with aggregation and analytical functionalities so that teams can use log data to mitigate security threats.

Read Post
devo

Detection of Log4Shell Vulnerability and Exploitation Using Devo

Dec 11, 2021 By Alex Eisen, Fran Gomez In Devo

A critical vulnerability in the popular log4j library is currently being actively targeted on a broad global scale and possibly exploited based on advisories from multiple CERTs and vendors: CISA, Apache, etc. This Java library is integrated into many IT and DevOps tooling and workflows. On Dec 10, 2021, Apache released version 2.15.0, fixing CVE-2021-44228 (dubbed Log4Shell) an RCE with a maximum CVSSv3 score of 10.

Read Post
sysdig

Critical vulnerability in log4j, a widely used logging library

Dec 10, 2021 By Stefano Chierici In Sysdig

Security researchers recently disclosed the vulnerability CVE-2021-44228 in Apache’s log4j, which is a common Java-based library used for logging purposes. Popular projects, such as Struts2, Kafka, and Solr make use of log4j. The vulnerability was announced on Twitter, with a link to a github commit which shows the issue being fixed. Proof-of-concept code was also released to github which shows that the vulnerability is trivial to exploit.

Read Post
SecurityScorecard

Log4Shell Is the Most Dangerous Exploit Since Shellshock

Dec 10, 2021 By SecurityScorecard In SecurityScorecard

Earlier today, a serious flaw was discovered in the widely used Java logging library Apache Log4j. The vulnerability, ‘Log4Shell,’ was first identified by users of a popular Minecraft forum and was apparently disclosed to the Apache Foundation by Alibaba Cloud security researchers on Nov. 24, 2021. The vulnerability has the potential to allow unauthenticated remote code execution (RCE) on nearly any machine using Log4j.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.