RT @HaboubiAnis
Etape 1) Alvaro Muñoz @pwntester presente en 2016 la vulnérabilité

Etape 2) Exploitation de la vulnérabilité #log4jRCE / #Log4Shell de 2021.

Etape 3) Tout le système est vérolé #cyberpandemie #breakingtheshell

Presentation: https://blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf

They aren't the end all, be all, but they can be an extremely effective security controls for when things like this rear their ugly head..

Here are a few things we're seeing as it pertains to the recent #log4jrce vulnerability.. #security #waf #dns #cdn

https://noc.org/2021/12/14/cloud-based-web-application-firewalls-waf-the-log4j-vulnerability/?utm_source=twitter&utm_medium=blog&utm_campaign=noc-log4j

RT @cyb3rops@twitter.com

Iv'e created Gist with exploitation detection ideas and rules

I'll update this gist frequently

#log4j #log4jrce CVE-2021-44228

https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b

🐦🔗: https://twitter.com/cyb3rops/status/1469243580929740802