Important information regarding log4j vulnerability appeared on Friday.
In case you did not see it yet have a look
3 Likes
variable expansion inside variables, no wonder the devs wanted the feature removed years ago.
1 Like
During the weekend I tried to figure out what the impact of the remote code execution of log4j is. log4j is a popular logging library which is widely used. Remote code execution or RCE can be used to execute malicious or bad code.
If your company uses a Java component, then there is a chance that it uses log4j. This component could be present in the software of a supplier.
Explaining to a manager: we might need to replace some screws in the car, but we don’t know which ones.
For the people who love to fix things:
- In this thread Mick Douglas describes how to handle a situation with log4j: “1. Keep calm. There’s no need to panic.”
https://twitter.com/bettersafetynet/status/1469470284977745932 - Florian Roth has some interesting resources in his tweets around December 11th:
https://twitter.com/cyb3rops
2 Likes
If you want to try it out and see what the impact is John Hammond prepped a TryHackMe box, which will become available soon:
Then you can try it out yourself, with a walkthrough even if required 
1 Like
What a game!
1 Like
You can now try to exploit it yourself, mitigate it and patch it on TryHackme:
Yesterday I noticed that NCSC-NL, National Cyber Security Centre - Netherlands, is looking at Log4J on this Dutch web page:
This page contains a link to an English github listing programs, which have been investigated or are being investigated on the presence of the vulnerability of Log4J:
1 Like
It’s not a sprint.
I don’t know Java at all well, and am pretty new on the security scene too , but it’s worth noting that as a backdoor, this is not just an issue in public back-ends. It can “rotate” through almost any 3rd party api integrations too.
2 Likes