Announcements
This ISC2 Community will be decommissioned as of May 29, 2026. Please join your peers and connect with your chapter at https://isc2chapters.isc2.org.
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎12-10-2021 05:06 PM
‎12-10-2021 05:06 PM

Log4shell: CVSS 10!

In case anyone missed all the action today:

 

Log4Shell’ vulnerability poses critical threat to applications using ‘ubiquitous’ Java logging packa...and here Exploiting JNDI Injections in Java

 

Have a nice weekend...

Reply
11 Replies
Caute_cautim
Community Champion
‎12-23-2021 11:41 PM
‎12-23-2021 11:41 PM

@csjohnng   Like everyone else, it appears that Alibaba, didn't disclose it to the Chinese Government first, which apparently they were meant to do before it went public!!  We can guess what would have happened, if the Chinese Government had been informed and then decided to use it against everyone else.

 

Unfortunately the North Korean hacking teams are probably making hay while they can and using for their own nefarious purposes too.

 

Best to keep an eye on what is going on, more exploits being created and reported upon even as we liaise.

 

Lets hope it is a quiet Christmas, but unfortunately, I don't think that will be the case.

 

And just as predicted Conti and ransomware exploiters are now using it:

 

https://www.techrepublic.com/article/conti-ransomware-is-exploiting-the-log4shell-vulnerability-to-t...

 

 

Regards

 

Caute_Cautim

Reply
sidrawww
Viewer
12 hours ago
12 hours ago

That’s a very important point. Relying on the WAF as a temporary protection layer only works well when signatures are updated regularly. Threat patterns evolve quickly, and missing even a few updates can leave systems exposed to new vulnerabilities. Keeping signatures current every couple of days is a smart practice while planning a proper upgrade. It reminds me of maintaining tools like tlauncher.pl , where regular updates are also necessary for better security, compatibility, and performance overall.

Reply
0 Kudos