Source |
SANS Institute |
Identifiant |
8152345 |
Date de publication |
2022-11-21 20:48:27 (vue: 2022-11-21 22:05:53) |
Titre |
Log4Shell campaigns are using Nashorn to get reverse shell on victim\'s machines, (Mon, Nov 21st) |
Texte |
Almost one year later, Log4Shell attacks are still alive and making victims. Log4shell, as you may remember, was the name given to a remote code execution (RCE) vulnerability in the Apache Log4j Java library, first known on December 10th, 2021.  Information on the zero-day (CVE-2021-44228) and malicious campaigns using it were covered here in SANS ISC in different diaries like here and here.
|
Envoyé |
Oui |
Condensat |
 information 10th 2021 21st 44228 alive almost apache are attacks campaigns code covered cve day december diaries different execution first get given here isc java known later library like log4j log4shell machines making malicious may mon name nashorn nov one rce remember remote reverse sans shell using victim victims vulnerability year zero |
Tags |
Vulnerability
|
Stories |
|
Notes |
|
Move |
|