log4j
5 articles tagged with #log4j
Log4j (CVE-2021-44228): Detection, Exploitation and Mitigation
Last week a vulnerability affecting the most common logging packages in Java, Log4j, was made public, complete with exploit code. The vulnerability is rated with a critical severity rating of 10. Successful exploitation allows for a very uncomplicated remote command execution without requiring any authentication over the Internet resulting in a complete compromise of data and system confidentiality, integrity and availability. This blogpost explains the detection methods, exploitation techniques and mitigation instructions of the vulnerability.
Using log4jscanwin to identify Log4j vulnerabilities on Windows machines
A step-by-step guide on how to identify Log4j vulnerabilities on Windows machines using log4jscanwin
Confluent Kafka Connector Analysis for Log4j (CVE-2021-44228) vulnerability
A detailed analysis of Confluent Kafka Connectors for the Log4j vulnerability (CVE-2021-44228), including steps taken to verify vulnerability status and findings across multiple connectors.
How to Protect Against Log4j CVE-2021-44228 RCE Vulnerability
A comprehensive guide on protecting against the critical Log4j (CVE-2021-44228) vulnerability, including latest updates, mitigation strategies, and impact assessment. Essential reading for security teams and developers using Java-based applications.
How to find vulnerable log4j instances across your AWS EC2 instances
A guide to help you discover vulnerable Log4j packages across multiple Linux machines using scripting and the AWS SSM to run commands remotely.