Bluepurple Pulse: Log4J2 / Log4Shell Special
To be meta is to be better..
Welcome to a special edition drawn from the meta thread on /r/blueteamsec - https://www.reddit.com/r/blueteamsec/comments/rd38z9/log4j_0day_being_exploited/
The thread continues to be updated on Reddit, below are the salient points as of 7:30 UTC on Sunday December 12th.
Hope it helps and have a lovely weekend.
Log4j2 open source logging framework for Java is subject to a vulnerability which means untrusted input can result via LDAP, RMI and other JNDI endpoints in the loading and executing of arbitrary code from an untrusted source.
This vulnerability was disclosed last week with active knowledge and exploitation following very quickly thereafter.
Wide spread exploitation and scanning is currently occurring by a range of actors including researchers, nation states, coin miners and other criminal enterprises as well as bug bounty participants.
The below are the details of the vulnerability specifically:
Keep reading with a 7-day free trial
Subscribe to Cyber Defence Analysis for Blue & Purple Teams to keep reading this post and get 7 days of free access to the full post archives.