#cybersecurity #log4j #exploit

In this video we look at the new Log4j release, which patches another vulnerability, one that causes denial of service in Log4j. This vulnerability is fixed in version 2.17.0.

Apart from Log4j, which is a hot topic that many people are searching for right now, I am going to show you how to be proactive and get such news on your own. This will help you stay up to date, and in the case of zero-day vulnerabilities, knowledge is power!

Log4j is a logging library used by Apache products. Log4j is affected by CVE-2021-44228, which leads to remote code execution and can be exploited without authentication, making CVE-2021-44228 an unauthenticated RCE vulnerability.

Apache Log4j versions prior to 2.15.0 do not protect against attacker-controlled LDAP and other JNDI-related endpoints. When message lookup substitution is enabled, an attacker with control over log messages or log message parameters can execute arbitrary code loaded from LDAP servers. This vulnerability is also dubbed Log4Shell or LogJam.
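To find out where the affected versions described above are deployed, the following added example (not from the video or from the Apache project) reads the Maven metadata inside application archives, including jars nested in a WAR or fat jar, and triages each log4j-core version against the two thresholds given here, 2.15.0 and 2.17.0. The function names and triage labels are hypothetical, and backport releases on older 2.x branches are not modelled.

```python
import io
import re
import zipfile

# Thresholds taken from the text above: 2.15.0 addresses CVE-2021-44228,
# 2.17.0 addresses the later denial-of-service issue.
RCE_FIXED = (2, 15, 0)
DOS_FIXED = (2, 17, 0)

# Maven metadata carried by log4j-core jars; it often survives in fat jars too.
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"

def parse_version(text):
    """Return (major, minor, patch) from '2.14.1' or '2.0-beta9', else None."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())

def classify(version_text):
    """Map a log4j-core version string to a triage label (labels are
    hypothetical; backport releases on older branches are not modelled)."""
    v = parse_version(version_text)
    if v is None or v[0] != 2:
        return "review-manually"          # not a 2.x version string
    if v < RCE_FIXED:
        return "affected-CVE-2021-44228"
    if v < DOS_FIXED:
        return "upgrade-for-DoS-fix"
    return "ok"

def log4j_versions_in(archive, name="<archive>", depth=3):
    """Yield (location, version) for each log4j-core found in a jar/war/ear,
    descending into nested archives up to `depth` levels."""
    with zipfile.ZipFile(archive) as zf:
        for entry in zf.namelist():
            if entry == POM_PROPS:
                props = zf.read(entry).decode("utf-8", "replace")
                m = re.search(r"^version=(.+)$", props, re.MULTILINE)
                if m:
                    yield name, m.group(1).strip()
            elif depth > 0 and entry.lower().endswith((".jar", ".war", ".ear")):
                inner = io.BytesIO(zf.read(entry))
                try:
                    yield from log4j_versions_in(inner, f"{name}!{entry}", depth - 1)
                except zipfile.BadZipFile:
                    continue              # unreadable nested archive, skip it
```

Pass a file path or file object for each deployed archive to `log4j_versions_in` and feed every reported version to `classify`; anything labelled `review-manually` needs a look at the vendor advisory.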

Useful Links

Official Log4j release
https://logging.apache.org/log4j/2.x/

Vulnerability analysis by #Tenable (#Nessus)
https://www.tenable.com/blog/cve-2021-44228-proof-of-concept-for-critical-apache-log4j-remote-code-execution-vulnerability

List of vendor releases related to this vulnerability
https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592

Useful Reddit thread
https://www.reddit.com/r/blueteamsec/comments/rd38z9/log4j_0day_being_exploited/

GitHub PoCs / #JNDI injection exploit
https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce
https://github.com/welk1n/JNDI-Injection-Exploit


#F5 #WAF response
https://support.f5.com/csp/article/K19026212

#List of Known Addresses that are distributing the malware
https://www.facebook.com/techvortex.official/photos/gm.1098875667525789/155821003435538/?type=3&theater