Log4j / Log4Shell Followup: What we see and how to defend (and how to access our data), (Sat, Dec 11th)

    On Thursday, December 9th, LunaSec published a blog post with details regarding a vulnerability in the log4j2 library. This vulnerability became quickly known as “log4shell”, and %%CVE:2021-44228%% was assigned to it [1]. On Friday, Bojan published a post with some technical details regarding the exploitation of this vulnerability [2]. We have also posted some of the attacks we saw via our Twitter account (@sans_isc).

Article Link: InfoSec Handlers Diary Blog