What do you need to know about the log4j (Log4Shell) vulnerability?
HTML-код
- Опубликовано: 26 июл 2024
- A Remote Code Execution (RCE) vulnerability in the popular log4j library was published yesterday.
While any RCE vulnerability sounds bad, this one is particularly nasty because it affects absolutely any application (server and client-side) that uses a vulnerable version of the log4j library.
In this live stream, we'll go over exploitation details and will see what blue teams can do to detect the attack and protect their environments.
#cyber #cybersecurity #vulnerabilities #log4j #rce #remotecodeexecution #blueteaming #blueteam #blueteams #cyberattack 
Развлечения
This is great information, thank you so much.
Thanks for the information guys.
Great info, thanks for sharing.
Thank you for information.
Nice job Guys. Very useful information, and highly appreciated!!
This should have more views....
Thank you all!!
Great info
Good stuff.
Ok what is that banger song in the intro though?
Where can we find the slides please?
Attacker:
We know you know this,
You know we know your 'security'. =).
Thank you for this great webcast, any links for the slides and sites mention
Great information on log4j
@@Jayrprez uuuuuuuuuu7ygyg6 GG go jjjjjjjj oops
Ii
Iiii
@@Jayrprez gj
Where does the IMMA model come from? It looks valuable but not finding many references.
I created it as a way to help my clients rapidly improve their security posture. This is the first time I've pushed it out to a broader audience.
@@MichaelDouglas-ix1tt The model makes a lot of sense. The way this log4j/jmdi issue is playing out, patching clearly won't be enough for some time to come. More basic security measures, which should always have been BAU, become more important than ever.
Though, I particularly liked the addition of 'Active Defense' in the form of intrusion detection honeypots, something I've been promoting and researching myself, and which isn't widely used in the industry.
Thank. Do you recommend any honeypots?
because attackers are putting the Log4j string anywhere they can ANY web site honeypot that you like would work great. I strongly suggest using your own web apps as honeypots. Just look at the input logs.
0:04 Hello I'm ded
First guy gave extremely knowledgeable, practical, and actionable information. I'm not sure what the other two were doing.
all of them did a great job , their effort is much appreciated
Sorry you didn't like the info I gave. If you can give some constructive suggestions, I'm open. The defense against Log4j doesn't have to be that difficult. I was shooting for easy to do and quickly workable. Sorry if you felt it wasn't up to your expectations. Let me know what you think would be useful.
Please don't use the condescending "what you need to know about" format.
Sorry, we didn't mean to be condescending! Do you have a phrase that you feel is less loaded?