More logging means it's easier than ever to execute the discovery course of action to identify earlier exploitation. I expect to see more evidence of pre-disclosure exploitation in the future. https://t.co/mxubEeckEF
— Jake Williams (@MalwareJake) December 13, 2021
The #Kinsing and #Muhstik cryptomining botnets are some of the first to exploit any new RCE vulnerability: this time it’s Log4j & Log4Shell. Those two names have cropped up for several major RCEs this year, they’ve actually become one way to tell how bad a new RCE is.
— Will | Bushido (@BushidoToken) December 11, 2021
Earliest evidence we’ve found so far of #Log4J exploit is 2021-12-01 04:36:50 UTC. That suggests it was in the wild at least 9 days before publicly disclosed. However, don’t see evidence of mass exploitation until after public disclosure.
— Matthew Prince (@eastdakota) December 11, 2021
Log4Shell attacks began two weeks ago, Cisco and Cloudflare say
— Catalin Cimpanu (@campuscodi) December 13, 2021
-4 major botnets spotted abusing Log4Shell right now (per Netlab)
-more than 10k hosts scanning for it (per Kryptos Logic)
-DDoS, crypto-miners, and CS beacons as payloads for now https://t.co/oIm2wzNLHv pic.twitter.com/E9B42fKQY7
Attacks exploiting the Log4Shell vulnerability started two weeks ago, according to two tech companies https://t.co/eu6UNAPnxB
— The Record by Recorded Future (@TheRecord_Media) December 13, 2021
Log4Shell attacks began two weeks ago, Cisco and Cloudflare say https://t.co/IxDwPK5Lea
— Ken Westin (@kwestin) December 13, 2021
CISA to brief critical infrastructure companies about urgent new Log4j vulnerability https://t.co/ncQ6Ijvfxm
— The Cyber Security Hub™ (@TheCyberSecHub) December 13, 2021
Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw https://t.co/hUutS4XbxH
— Nicolas Krassas (@Dinosn) December 13, 2021
Relatedly. I see reports that some sites are seeing as many as 100 attempted hacks per minute, across more than 40% of corporate networks. https://t.co/zQPWuSTMPK
— Paul Kedrosky (@pkedrosky) December 14, 2021
Meanwhile, there is also an analysis that attempts to probe for the Log4j security vulnerability were made against nearly half of corporate networks… https://t.co/a7oV0zLz3b
— H. Kim (@metavital) December 14, 2021
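More than 830,000 attack attempts were recorded in the 72 hours after the Log4j security flaw was disclosed, and sweeping, indiscriminate attacks are reportedly continuing worldwide… https://t.co/orzBhVWZe1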
— H. Kim (@metavital) December 14, 2021
Approximately one year after the #SolarWinds Attack, the Apache #Log4j vulnerability has taken the #cybersecurity world by storm. @_CPResearch_ has witnessed new variations of the original exploit being introduced rapidly, over 60 in less than 24 hrs: https://t.co/BLlFxIflOj pic.twitter.com/KMQrUAowZU
— Check Point Software (@CheckPointSW) December 13, 2021
Unlike other major #cyberattacks, #Log4j is basically embedded in every #Java-based product or #webservice. This gives attackers many alternatives to bypass newly introduced protections rendering the exploit difficult to remediate: https://t.co/BLlFxHXKWL pic.twitter.com/H1UUcQUuXE
— Check Point Software (@CheckPointSW) December 14, 2021
Apache Log4j vulnerability exploit growth https://t.co/ALzAA0Thn4 pic.twitter.com/AmE1ZiSSvi
— John Koetsier, CEO of $SMRT (@johnkoetsier) December 14, 2021
What the Log4Shell Bug Means for SMBs: Experts Weigh In: https://t.co/1GChnUaJZD
— The Cyber Security Hub™ (@TheCyberSecHub) December 14, 2021
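The vulnerability fix in Log4j 2.15.0 that addresses Log4Shell (CVE 2021- 4422) is incomplete, and DoS via a JEDI lookup pattern is possible. CVE 2021-45046 has been newly issued, and Log4j 2.16.0 is said to be the fixed version. I see. https://t.co/zKcfGZUYdl https://t.co/a3iNDxrFzm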
— SAKON (@sakon310) December 15, 2021
https://t.co/kfAufuZzl0 The pain just continues huh...
— sarah (@winocm) December 14, 2021
Not as bad as the first as it requires non-default configuration. #log4j https://t.co/UNnPBV0PgJ pic.twitter.com/4u98fjaBPl
— Tom\(^-^)/ (@TomLawrenceTech) December 14, 2021
We are not done yet. #log4j has been patched again as the previous fix was "incomplete in certain non-default configurations." Upgrade to 2.16.0 instead of 2.15.0. Do the same for your vendor provided software. https://t.co/cA8lQ3C3QN
— Mohit Kalra (@mohitkalra) December 14, 2021
Second Log4j vulnerability found, Apache Log4j 2.16.0 released https://t.co/Mdvt4PGh4C by @jgreigj
— ZDNet (@ZDNet) December 14, 2021
A bonus bit of reference information. https://t.co/D7S3sZQp4L
— 釜山 公徳 (Masanori, KAMAYAMA) (@MasaKAMAYAMA) December 14, 2021
Thanks to @_JohnHammond for chatting with me about this for @PCMag!
— Kim Key (@KimNewsome) December 13, 2021
Critical Apache Log4j2 Exploit Demonstrated in Minecraft https://t.co/zS9GlQTEp3 #PCMag