Yara rules to look for Log4J usage. Contribute to timb-machine/log4j development by creating an account on GitHub.

IPs exploiting the log4j2 CVE-2021-44228 detected by the crowdsec community - log4j_exploitation_attempts_crowdsec.md

CVE® is a list of records — each containing an identification number, a denoscription, and at least one public reference — for publicly known cybersecurity vulnerabilities. The mission of the CVE Program is to identify, define, and catalog publicly disclosed…

A firewall reverse proxy for preventing Log4J (Log4Shell aka CVE-2021-44228) attacks. - GitHub - mufeedvh/log4jail: A firewall reverse proxy for preventing Log4J (Log4Shell aka CVE-2021-44228) atta...

A quick update on the situation now that a new log4j CVE has been created and patched in 2.16.0. We've done research and these are our findings.

Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.

Remember the Equifax breach that happened 4 years ago, caused by an Apache Struts vulnerability (CVE-2017-5638)? I argue that it's quite similar in nature to the new log4j vulnerability, and moreover - it will happen again, in a different project.

Posted in r/netsec by u/subtleeffect • 19 points and 1 comment

The CVE-2021-44228 is a CRITICAL vulnerability that allows attackers to execute arbitrary code on a machine. Updating log4j to 2.16.0.

It’s a sad day for the Java community

In this blog post, we are going to cover a strategy to help you get a job as a pentester or application security professional.

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. - ricardojba/noPac

58 votes and 1 comment so far on Reddit

Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour…