Last update: Monday, 15 December 2021, 02:17 ET
Security teams all over the world are rushing to deal with the new critical zero-day vulnerability dubbed Log4Shell.
This vulnerability in Apache Log4j, a popular open-source Java logging library, has the potential to enable threat actors to compromise systems at scale.
Read more about this in our blog post.
Here is a curated list of everything that you should know, and everything you should do.
Name | Description | Source | Link |
---|---|---|---|
Logout4Shell | Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell | GitHub/Cybereason | Link |
log4shell-detector | Detector for Log4Shell exploitation attempts | GitHub/Neo23x0 | Link |
Log4ShellScanner | Scans and catches callbacks of systems that are impacted by Log4J Log4Shell vulnerability across specific headers | GitHub/mwarnerblu | Link |
burp-log4shell | Log4Shell scanner for Burp Suite | GitHub/silentsignal | Link |
nse-log4shell | Nmap NSE scripts to check against Log4Shell vulnerabilities | GitHub/Diverto | Link |
Log4jScanner | Scans only internal subnets for vulnerable log4j | GitHub/proferosec | Link |
Name | Description | Source | Link |
---|---|---|---|
Malicious domains | List of callback servers, used by attackers | Greynoise | Link |
Malicious IPs | List of scanning IP addresses | Greynoise | Link |
Hashes for vulnerable Log4J version | A list created to help organizations find vulnerable versions | GitHub/mubix | Link |
Log4Shell sample vulnerable application | A vulnerable Spring Boot web application | GitHub/christophetd | Link |
Log4j Hotpatch | Tool that hotpatches a running JVM process | Amazon/Corretto | Link |
Name | Description | Source | Link |
---|---|---|---|
Log4jAttackSurface | List of manufacturers and components affected by the Log4j vulnerability | YfryTchsGD | Link |
AWS - Security Bulletins | Update for Apache Log4j2 Issue | AWS | Link |
Google Cloud | Google Cloud’s security advisory | Google Cloud | Link |
Apache Logging Services | Apache Log4j security vulnerabilities | Apache | Link |
Microsoft Security blog | Guidance for preventing, detecting, and hunting for Apache Log4j2 Issue | Microsoft | Link |
Salesforce | Update for Apache Log4j2 Issue | Salesforce | Link |
Cisco | Log4j Developer Response | Cisco | Link |
Log4Shell log4j vulnerability (CVE-2021-44228) - cheat-sheet reference guide | List of vendors' responses | Tech Solvency / Royce Williams | Link |
Security Advisories / Bulletins linked to Log4Shell | List of vendors' responses | GitHub/SwitHak | Link |
log4j-log4shell-affected | Lists of affected components and affected apps/vendors | GitHub/authomize | Link |
Name | Description | Source | Link |
---|---|---|---|
Indicators-of-Compromise | List of IoCs to detect exploits of Log4Shell | Blumira | Link |
Log4Shell(CVE-2021-44228) related attacks IOCs | List of indicators of compromise related to Log4Shell attacks | GitHub/RedDrip7 | Link |
Exploitation-of-Log4j2 | List of Indicators of compromise identified by Threatview.io | GitHub/Malwar3Ninja | Link |
List of IP and Domains | Domains and IPs that have been observed to listen for incoming connections | nccgroup | Link |
Log4Shell-IOCs | A list of IOC feeds and threat reports focused on the recent Log4Shell exploit | GitHub/curated-intel | Link |
Communities, lists, discussion boards, newsletters, channels, chats, etc.
Name | Description | Source | Link |
---|---|---|---|
Aggregated Log4j Help Guide | List of dozens of open source resources including: Update/Patch, Vendor Advisories, Vulnerability/Exploitation Detections, and much more. | NCC Group | Link |
Video - Log4j Industry Impact | Video discussing Log4j and its potential impacts across the ecosystem | Youtube | Link |
Log4Shell Vulnerability Tester | Free tool to test whether your applications are vulnerable | Huntress | Link |
Non-Technical Log4j Breakdown | Explaining Log4j for non-technical people | Twitter/@Emy | Link |
Log4Shell Report | Booklet including Vulnerability Assessment & Mitigation w/ dozens of additional resources. | The Cyber Security Hub (1.3 Million Followers) | Link |
Detecting Log4j in Your Applications | How to detect Log4j Vulnerability in your applications | InfoWorld | Link |
Govcert Log4j Update | Log4j in a nutshell. From attack to prevention. | Swiss Govcert | Link |
Video - Log4j Detection | Exactly what you need to know about log4j, how to demo it, detect it, & how to respond. | Youtube | Link |
Check Point Log4j Infographic | Infographics and statistics | Check Point | Link |
Second log4j Vulnerability 🆕 | Details about CVE-2021-45046 | LunaSec | Link |
To add items to the list, email us at contact@mitiga.io or contact us directly.