DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

Log4Shell Lives!

2 years ago thenewstack.io
Log4Shell Lives!

Summary: This is a summary of an article originally published by The New Stack. Read the full original article here →

It has been about a year since the security hole at the heart of the open source Java logging library https://logging.apache.org/log4j/ was revealed. Recently, the https://www.cisa.gov/ revealed not only are hackers still using Log4Shell successfully, but Iranian government agents are also using it to https://www.cisa.gov/uscert/ncas/alerts/aa22-320a. Specifically, threat actors exploited Log4Shell to get access to the organization’s unpatched https://www.vmware.com/products/horizon.html.

Over that link, they ran a Windows PowerShell command to add an exclusion rule to Windows Defender that white-listed the c:\drive.

All of this story, an all too typical tale of an automated Windows attack, started with Log4Shell.

Read More
Oh Dear
Oh Dear
The all-in-one monitoring tool for your entire website
Fathom
Fathom
Fathom Analytics: A Better Google Analytics Alternative
Namecheap
Namecheap
DevOpsChat Logo Your DevOps Community
Product
Useful Links

Made with pure grit © 2024 Jetpack Labs Inc. All rights reserved. www.jetpacklabs.com