Vulnerability

Detecting Log4j via Zeek & LDAP traffic

Dec 16, 2021 By Corelight Labs Team In Corelight

We recently discussed some methods for detecting the Log4j exploit, and we’ve now developed another method that everyone running Zeek® or a Corelight sensor can use. Our new approach is based on the rarity of legitimate downloads of Java via LDAP. Zeek does not currently have a native LDAP protocol analyzer (though one is available if you are running Spicy). This will not stop you from detecting this exploit downloading Java over LDAP, though. To see how, read on.

Read Post

Corelight

Read more about Detecting Log4j via Zeek & LDAP traffic

Explaining Log4j2 And Handling The Next Zero-Day Vulnerability | Synopsys

Dec 16, 2021 By Synopsys In Synopsys

Looking to understand why everyone is talking about the Log4j2 vulnerability? Our Synopsys Security Experts will guide you through.

View Video

Synopsys

Read more about Explaining Log4j2 And Handling The Next Zero-Day Vulnerability | Synopsys

Log4Shell in a nutshell (for non-developers & non-Java developers)

Dec 15, 2021 By Micah Silverman In Snyk

If you’re in tech at all, you’ve likely heard of the Log4Shell exploit taking over the Intertubes. If you’re not a Java developer (or developer of any sort), you may be left scratching your head as to just what’s going on. This post is split into two parts: an explanation of Log4Shell for non-developers and an overview of the Log4Shell vulnerability for non-Java developers.

Read Post

Snyk

Read more about Log4Shell in a nutshell (for non-developers & non-Java developers)

Exploiting, Mitigating, and Detecting CVE-2021-44228: Log4j Remote Code Execution (RCE)

Dec 15, 2021 By Stefano Chierici In Sysdig

A new critical vulnerability has been found in log4j, a widely-used open-source utility used to generate logs inside java applications. The vulnerability CVE-2021-44228, also known as Log4Shell, permits a Remote Code Execution (RCE) allowing the attackers to execute arbitrary code on the host. The log4j utility is popular and used by a huge number of applications and companies, including the famous game Minecraft.

Read Post

Sysdig

Read more about Exploiting, Mitigating, and Detecting CVE-2021-44228: Log4j Remote Code Execution (RCE)

Log4Shell: What You Need to Know About the Log4j Vulnerability

Dec 15, 2021 By Snyk In Snyk

A new critical vulnerability, Log4Shell, was publicly disclosed on December 10th and is making global headlines. It impacts a wide amount of applications on the internet, allowing attackers to remotely execute code within vulnerable applications worldwide. In this webinar recording, Snyk technical experts provide an in-depth technical review of the Log4Shell vulnerability, what caused it, how it can be exploited, and most importantly, how it can be mitigated through upgrades, or defended against in WAF configurations and more. We cover.

View Video

Snyk

Read more about Log4Shell: What You Need to Know About the Log4j Vulnerability

Survey Underscores Challenges Companies Face in Managing Vulnerabilities

Dec 15, 2021 By Arctic Wolf In Arctic Wolf

Vulnerability management remains a struggle for many companies and is still only an aspiration for many others. But with digital and cloud transformation rewriting the way many firms do business, the attack surface keeps expanding and becomes more difficult for organizations to protect their environments from growing threats.

Read Post

Arctic Wolf

Read more about Survey Underscores Challenges Companies Face in Managing Vulnerabilities

Fireside Chat: Log4j and Injection Flaws

Dec 15, 2021 By Snyk In Snyk

Join us for a fireside chat with Micah Silverman, Snyk's Director of DevSecOps Acceleration, and Vandana Verma, Security Relations Leader at Snyk, as we answer your #Log4Shell questions: What is it and how does it affect us? How do I find and fix the #Log4J vulnerability? What can other language ecosystems learn from this? We'll also talk about the OWASP Top 10 and injection flaws.

View Video

Snyk

Read more about Fireside Chat: Log4j and Injection Flaws

Press information: Crowdsource hacker first to find Zero-Day CVE-2021-43798 in Grafana

Dec 15, 2021 By Detectify In Detectify

The vulnerability, dubbed CVE-2021-43798 impacted the Grafana dashboard, which is used by companies around the world to monitor and aggregate logs and other parameters from across their local or remote networks. The privately reported bug became a leaked zero-day but was first spotted by Detectify Crowdsource hacker Jordy Versmissen on December 2, after which Grafana was notified by Detectify about the bug.

Read Post

Detectify

Read more about Press information: Crowdsource hacker first to find Zero-Day CVE-2021-43798 in Grafana

How CrowdStrike Protects Customers from Threats Delivered via Log4Shell

Dec 15, 2021 By Farid Hendi - Karan Sood - Liviu Arsene In CrowdStrike

Recent CrowdStrike Intelligence team findings regarding the Log4Shell (CVE-2021-44228, CVE-2021-45046) vulnerabilities indicate wide-ranging impact. CrowdStrike helps protect customers from threats delivered via this vulnerability using both machine learning and indicators of attack (IOAs).

Read Post

CrowdStrike

Read more about How CrowdStrike Protects Customers from Threats Delivered via Log4Shell

CVE-2021-45046: New Log4j Vulnerability Discovered

Dec 15, 2021 By Gustavo Palazolo In Netskope

Shortly after the Apache Software Foundation (ASF) released the bug fix for the vulnerability known as Log4Shell or LogJam (CVE-2021-44228), a new vulnerability was discovered in Log4j Java-based logging library, tracked as CVE-2021-45046. While Log4Shell had the maximum CVSS score of 10, this new vulnerability is rated as 3.7, affecting all versions of Log4j between 2.0-beta9 and 2.12.1, as well as between 2.13.0 and 2.15.0.

Read Post