Last update: Monday, 15 December 2021, 02:17 ET
Security teams all over the world are rushing to deal with the new critical zero-day vulnerability dubbed Log4Shell.
This vulnerability in Apache Log4j, a popular open-source Java logging library, has the potential to enable threat actors to compromise systems at scale.
Read more about this in our blog post.
Here is a curated list of everything that you should know, and everything you should do.

| Name | Description | Source | Link |
|---|---|---|---|
| Logout4Shell | Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell | GitHub/Cybereason | Link |
| log4shell-detector | Detector for Log4Shell exploitation attempts | GitHub/Neo23x0 | Link |
| Log4ShellScanner | Scans and catches callbacks of systems that are impacted by Log4J Log4Shell vulnerability across specific headers | GitHub/mwarnerblu | Link |
| burp-log4shell | Log4Shell scanner for Burp Suite | GitHub/silentsignal | Link |
| nse-log4shell | Nmap NSE scripts to check against Log4Shell vulnerabilities | GitHub/Diverto | Link |
| Log4jScanner | Scans only internal subnets for vulnerable log4j | GitHub/proferosec | Link |

| Name | Description | Source | Link |
|---|---|---|---|
| Malicious domains | List of callback servers, used by attackers | Greynoise | Link |
| Malicious IPs | List of scanning IP addresses | Greynoise | Link |
| Hashes for vulnerable Log4J version | A list created to help organizations find vulnerable versions | GitHub/mubix | Link |
| Log4Shell sample vulnerable application | A vulnerable Spring Boot web application | GitHub/christophetd | Link |
| Log4j Hotpatch | Tool that hotpatches a running JVM process | Amazon/Corretto | Link |

| Name | Description | Source | Link |
|---|---|---|---|
| Log4jAttackSurface | List of manufacturers and components affected by the Log4j vulnerability | YfryTchsGD | Link |
| AWS - Security Bulletins | Update for Apache Log4j2 Issue | AWS | Link |
| Google Cloud | Google Cloud’s security advisory | Google Cloud | Link |
| Apache Logging Services | Apache Log4j security vulnerabilities | Apache | Link |
| Microsoft Security blog | Guidance for preventing, detecting, and hunting for Apache Log4j2 Issue | Microsoft | Link |
| Salesforce | Update for Apache Log4j2 Issue | Salesforce | Link |
| Cisco | Log4j Developer Response | Cisco | Link |
| Log4Shell log4j vulnerability (CVE-2021-44228) - cheat-sheet reference guide | List of vendors' responses | Tech Solvency / Royce Williams | Link |
| Security Advisories / Bulletins linked to Log4Shell | List of vendors' responses | GitHub/SwitHak | Link |
| log4j-log4shell-affected | Lists of affected components and affected apps/vendors | GitHub/authomize | Link |

| Name | Description | Source | Link |
|---|---|---|---|
| Indicators-of-Compromise | List of IoCs to detect exploits of Log4Shell | Blumira | Link |
| Log4Shell(CVE-2021-44228) related attacks IOCs | List of indicators of compromise related to Log4Shell attacks | GitHub/RedDrip7 | Link |
| Exploitation-of-Log4j2 | List of Indicators of compromise identified by Threatview.io | GitHub/Malwar3Ninja | Link |
| List of IP and Domains | Domains and IPs that have been observed to listen for incoming connections | nccgroup | Link |
| Log4Shell-IOCs | A list of IOC feeds and threat reports focused on the recent Log4Shell exploit | GitHub/curated-intel | Link |

Communities, lists, discussion boards, newsletters, channels, chats, etc.

| Name | Description | Source | Link |
|---|---|---|---|
| Aggregated Log4j Help Guide | List of dozens of open source resources including: Update/Patch, Vendor Advisories, Vulnerability/Exploitation Detections, and much more. | NCC Group | Link |
| Video - Log4j Industry Impact | Video discussing Log4j and its potential impacts across the ecosystem | YouTube | Link |
| Log4Shell Vulnerability Tester | Free tool to test whether your applications are vulnerable | Huntress | Link |
| Non-Technical Log4j Breakdown | Explaining Log4j for non-technical people | Twitter/@Emy | Link |
| Log4Shell Report | Booklet including Vulnerability Assessment & Mitigation w/ dozens of additional resources. | The Cyber Security Hub (1.3 Million Followers) | Link |
| Detecting Log4j in Your Applications | How to detect Log4j Vulnerability in your applications | InfoWorld | Link |
| Govcert Log4j Update | Log4j in a nutshell. From attack to prevention. | Swiss Govcert | Link |
| Video - Log4j Detection | Exactly what you need to know about Log4j, how to demo it, detect it, and how to respond. | YouTube | Link |
| Check Point Log4j Infographic | Infographics and statistics | Check Point | Link |
| Second log4j Vulnerability 🆕 | Details about CVE-2021-45046 | LunaSec | Link |

To add items to the list, email us at contact@mitiga.io or contact us directly.
