Welcome to our

Cyber Security News Aggregator

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

First slide label

Some representative placeholder content for the first slide.

Second slide label

Some representative placeholder content for the second slide.

Third slide label

Some representative placeholder content for the third slide.

Log4Shell campaigns are using Nashorn to get reverse shell on victim's machines, (Mon, Nov 21st)

published on 2022-11-21 20:48:27 UTC by
Content:

Almost one year later, Log4Shell attacks are still alive and making victims. Log4shell, as you may remember, was the name given to a remote code execution (RCE) vulnerability in the Apache Log4j Java library, first known on December 10th, 2021. Information on the zero-day (CVE-2021-44228) and malicious campaigns using it were covered here in SANS ISC in different diaries like here and here.

Article: Log4Shell campaigns are using Nashorn to get reverse shell on victim's machines, (Mon, Nov 21st) - published about 2 years ago.

https://isc.sans.edu/diary/rss/29266
Published: 2022 11 21 20:48:27
Received: 2022 11 21 21:14:14
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 1