Driver-Based Attacks: Past and Present
https://ift.tt/3IJNrDE
Submitted December 13, 2021 at 08:00PM by chicksdigthelongrun
via reddit https://ift.tt/30kgk7U
Rapid7
Driver-Based Attacks: Past and Present | Rapid7 Blog
Test driving the Log4Shell log4j vulnerability with various versions of Java and observing the network egress connections (tl;dr Java 8u191 onwards is less bad)
https://ift.tt/3dKAgUP
Submitted December 13, 2021 at 10:56PM by lowlevelprog
via reddit https://ift.tt/33rb4kd
Chaser Systems
Log4Shell and its traces in a network egress filter | Chaser Systems
Test driving the Log4Shell vulnerability with various versions of Java and observing the network egress connections
Invoke-noPac - CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter
https://ift.tt/3e3K24B
Submitted December 14, 2021 at 02:06AM by v1brio
via reddit https://ift.tt/3ypBdeM
GitHub
GitHub - ricardojba/Invoke-noPac: .Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit noPac
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
https://ift.tt/3ygpX4h
Submitted December 14, 2021 at 12:23PM by 0xdea
via reddit https://ift.tt/3m2o9XC
fully independent exploit does not require any 3rd party binaries. The exploit spraying the payload to all possible logged HTTP Headers such as
https://ift.tt/3ESy3m8
Submitted December 14, 2021 at 12:54PM by EmirgianDark
via reddit https://ift.tt/3dOeG1t
GitHub
GitHub - cyberstruggle/L4sh: Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Log4J – A Look into Threat Actors Exploitation Attempts
https://ift.tt/3s0LVag
Submitted December 14, 2021 at 03:33PM by spyduecap
via reddit https://ift.tt/3s4YP6X
Catonetworks
Log4J – A Look into Threat Actors Exploitation Attempts - Cato Networks
Recently, a critical zero-day vulnerability was discovered in Apache Log4j, a Java logging tool. Here's why this vulnerability is particularly dangerous.
Remote Deserialization Bug in Microsoft's RDP Client through Smart Card Extension (CVE-2021-38666)
https://ift.tt/3IJR8t7
Submitted December 14, 2021 at 05:54PM by 0xdea
via reddit https://ift.tt/3pY7Zj0
thalium.github.io
Remote Deserialization Bug in Microsoft's RDP Client through Smart Card Extension (CVE-2021-38666)
This is the third installment in my three-part series of articles on fuzzing Microsoft’s RDP client, where I explain a bug I found by fuzzing the smart card extension.
TCP reverse shell written in Rust
https://ift.tt/3pVX7SP
Submitted December 14, 2021 at 09:24PM by KmancXC
via reddit https://ift.tt/3qevF35
GitHub
GitHub - kmanc/remote_code_oxidation
Contribute to kmanc/remote_code_oxidation development by creating an account on GitHub.
Payload extracted from process dump of Trojan chrome installer. Can't find much info about this virus online other than it's been around a long time.
https://ift.tt/3GK68VO
Submitted December 14, 2021 at 10:22PM by Tear-Sensitive
via reddit https://ift.tt/3ISYPxc
reddit
Payload extracted from process dump of Trojan chrome installer....
Posted in r/netsec by u/Tear-Sensitive • 1 point and 1 comment
Yara rules to look for Log4J usage
https://ift.tt/3oOddP8
Submitted December 14, 2021 at 11:38PM by timb_machine
via reddit https://ift.tt/3yoclUF
GitHub
GitHub - timb-machine/log4j: Yara rules to look for Log4J usage
Yara rules to look for Log4J usage. Contribute to timb-machine/log4j development by creating an account on GitHub.
IPs exploiting the log4j2 CVE-2021-44228 detected by the crowdsec community
https://ift.tt/31QJYCe
Submitted December 15, 2021 at 12:33AM by klausagnoletti
via reddit https://ift.tt/3s4Anmk
Gist
IPs exploiting the log4j2 CVE-2021-44228 detected by the crowdsec community
IPs exploiting the log4j2 CVE-2021-44228 detected by the crowdsec community - log4j_exploitation_attempts_crowdsec.md
Previous log4j patch insufficient in some situations. New CVE posted and new log4j released 2.16.
https://ift.tt/3F0iQ2k
Submitted December 14, 2021 at 11:56PM by fiasco_averted
via reddit https://ift.tt/3EYRiu9
cve.mitre.org
CVE - CVE-2021-45046
CVE® is a list of records — each containing an identification number, a description, and at least one public reference — for publicly known cybersecurity vulnerabilities. The mission of the CVE Program is to identify, define, and catalog publicly disclosed…
log4jail - A firewall reverse proxy for preventing Log4J (Log4Shell aka CVE-2021-44228) attacks
https://ift.tt/3pZPBGu
Submitted December 15, 2021 at 03:16AM by mufeedvh
via reddit https://ift.tt/31Z0wbF
GitHub
GitHub - mufeedvh/log4jail: A firewall reverse proxy for preventing Log4J (Log4Shell aka CVE-2021-44228) attacks.
Security Analysis of the 2nd Log4j CVE published earlier (CVE-2021-45046 / Log4Shell2)
https://ift.tt/30v4gku
Submitted December 15, 2021 at 09:14AM by freeqaz
via reddit https://ift.tt/3IMdF8F
www.lunasec.io
Log4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046) | LunaSec
A quick update on the situation now that a new log4j CVE has been created and patched in 2.16.0. We've done research and these are our findings.
log4j-jndi-be-gone: A simple mitigation for CVE-2021-44228 - log4j
https://ift.tt/3GEqxf6
Submitted December 15, 2021 at 12:05PM by digicat
via reddit https://ift.tt/3yqE9rg
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
A TL;DR technical explanation of the log4j vulnerability
https://ift.tt/3dRbn9Q
Submitted December 15, 2021 at 07:31PM by sn1pr0s
via reddit https://ift.tt/3GOVCfU
The next log4shell is imminent
https://ift.tt/3EXh6XK
Submitted December 15, 2021 at 07:29PM by sn1pr0s
via reddit https://ift.tt/3F0SkWq
TLDR Engineering
The next Log4shell is imminent
Remember the Equifax breach that happened 4 years ago, caused by an Apache Struts vulnerability (CVE-2017-5638)? I argue that it's quite similar in nature to the new log4j vulnerability, and moreover - it will happen again, in a different project.
For those who don't know whether to laugh or cry
https://log4jmemes.com/
Submitted December 15, 2021 at 10:26PM by subtleeffect
via reddit https://ift.tt/31UMVSO
reddit
For those who don't know whether to laugh or cry
Posted in r/netsec by u/subtleeffect • 19 points and 1 comment
Exploiting and Mitigating CVE-2021-44228: Log4j Remote Code Execution (RCE)
https://ift.tt/3oU3ZRs
Submitted December 15, 2021 at 11:06PM by MiguelHzBz
via reddit https://ift.tt/3pYLKK3
Sysdig
Exploiting, Mitigating, and Detecting CVE-2021-44228: Log4j Remote Code Execution (RCE) – Sysdig
The CVE-2021-44228 is a CRITICAL vulnerability that allows attackers to execute arbitrary code on a machine. Updating log4j to 2.16.0.
jfrog/log4j-tools: tools for finding log4shell in jars and source
https://ift.tt/3E3gazE
Submitted December 16, 2021 at 03:55AM by descalingisfun
via reddit https://ift.tt/3ytefmK
😰 Log4J vulnerability in detail and the bigger picture
https://ift.tt/3IPb261
Submitted December 16, 2021 at 09:06AM by susamn
via reddit https://ift.tt/30u5j3Z
Medium
😰 Log4J vulnerability in detail and the bigger picture
It’s a sad day for the Java community