JNDI LDAP to Get Root Access Log4shell

Google unleashes security 'fuzzer' on Log4Shell bug in open source software

The remotely exploitable flaw in Log4j – the widely deployed Java error logging library -- is being attacked by multiple actors and likely will remain so for many ...

VentureBeat

The Log4Shell vulnerability: A postmortem

The Log4shell vulnerability was a weakness in the JNDI lookup functionality of Log4j2, between version 2.0 and 2.14. This allowed an attacker, who had control over what was printed in the logs (for ...

Threat Post

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily exploited and ...

Bleeping Computer

Hackers start pushing malware in worldwide Log4Shell attacks

Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article, we have compiled the known payloads, ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results