22 July 2022

log4shell

Log4Shell flaw: Still being used for crypto mining, botnet building… and Rickrolls Log4Shell Flaw
3 min read

Log4Shell flaw: Still being used for crypto mining, botnet building… and Rickrolls

RiSec.n0tst3 3 March 2022
Log4Shell is still a threat, however the flaw is currently mostly being used for crypto mining and knocking out websites Nearly three months on, at the time of writing, Log4Shell, the critical bug in Apache’s widely used Log4j project, hasn’t triggered the disaster that was feared, but it’s still being exploited and predominantly from cloud computers in the US.  The Log4Shell vulnerability came to light in December and sparked concern that it would be exploited by attackers because it was relatively easy to do and because the Java application...
Continue Reading
Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor Log4Shell
2 min read

Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor

RiSec.n0tst3 13 January 2022
An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented PowerShell-based modular backdoor dubbed “CharmPower” for follow-on post-exploitation. “The actor’s attack setup was obviously rushed, as they used the basic open-source tool for the exploitation and based their operations on the previous infrastructure, which made the attack easier to detect and attribute,” researchers from Check Point said in a report published this week. The Israeli cybersecurity company linked the attack to a group known as APT35, which is...
Continue Reading
Is Log4Shell the worst security issue of the decade? log4j exploit
3 min read

Is Log4Shell the worst security issue of the decade?

RiSec.n0tst3 29 December 2021
Log4shell summary overview “I see that the Log4Shell vulnerability, which has transformed into multiple vulnerabilities, is going to stay with us for a while”. Just yesterday, December 28th, yet another remote code execution vulnerability was discovered again in all Log4j versions, with a new fix now available in v2.17.1. Is log4shell really the worst security issue of the decade? So, here is the latest update of what we know so far, at the time of writing, with the latest information. Is Log4Shell the worst security issue in decades? December 10,...
Continue Reading

You may have missed

OctoBot WebInterface – Remote Code Execution (RCE) – 0.4.3 Vulnerability
5 min read

OctoBot WebInterface – Remote Code Execution (RCE) – 0.4.3

21 July 2022
Dangerous ‘Lightning Framework’ Linux malware installs rootkits, backdoors Dangerous ‘Lightning Framework’ Linux malware installs rootkits, backdoors
3 min read

Dangerous ‘Lightning Framework’ Linux malware installs rootkits, backdoors

21 July 2022
Atlassian Patches critical Confluence hardcoded credentials flaw Atlassian
3 min read

Atlassian Patches critical Confluence hardcoded credentials flaw

21 July 2022
Microsoft Teams outage also affected Microsoft 365 services Microsoft
2 min read

Microsoft Teams outage also affected Microsoft 365 services

21 July 2022
en English
af Afrikaanssq Albanianam Amharicar Arabichy Armenianaz Azerbaijanieu Basquebe Belarusianbn Bengalibs Bosnianbg Bulgarianca Catalanceb Cebuanony Chichewazh-CN Chinese (Simplified)zh-TW Chinese (Traditional)co Corsicanhr Croatiancs Czechda Danishnl Dutchen Englisheo Esperantoet Estoniantl Filipinofi Finnishfr Frenchfy Frisiangl Galicianka Georgiande Germanel Greekgu Gujaratiht Haitian Creoleha Hausahaw Hawaiianiw Hebrewhi Hindihmn Hmonghu Hungarianis Icelandicig Igboid Indonesianga Irishit Italianja Japanesejw Javanesekn Kannadakk Kazakhkm Khmerko Koreanku Kurdish (Kurmanji)ky Kyrgyzlo Laola Latinlv Latvianlt Lithuanianlb Luxembourgishmk Macedonianmg Malagasyms Malayml Malayalammt Maltesemi Maorimr Marathimn Mongolianmy Myanmar (Burmese)ne Nepalino Norwegianps Pashtofa Persianpl Polishpt Portuguesepa Punjabiro Romanianru Russiansm Samoangd Scottish Gaelicsr Serbianst Sesothosn Shonasd Sindhisi Sinhalask Slovaksl Slovenianso Somalies Spanishsu Sudanesesw Swahilisv Swedishtg Tajikta Tamilte Teluguth Thaitr Turkishuk Ukrainianur Urduuz Uzbekvi Vietnamesecy Welshxh Xhosayi Yiddishyo Yorubazu Zulu