TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

Huntress

Critical RCE Vulnerability Updates (log4j - CVE-2021-44228) | Huntress

2021-12-10 · Read original ↗

ATT&CK techniques detected

5 predictions
T1190Exploit Public-Facing Application
92%
"exploitation. what ' s huntress doing? we ’ ve created a tool to help you test whether your applications are vulnerable to cve - 2021 - 44228. you can access the tool here : https : / / log4shell. huntress. com / the website will generate a unique identifier to test whether your …"
T1190Exploit Public-Facing Application
73%
"##ies and concerns for connectwise manage installations, and n - able has confirmed that their rmm and n - central are affected. we ' re investigating the reach and will post an update on our blog as soon as we have one. what ' s happening? attackers are actively exploiting a cri…"
T1190Exploit Public-Facing Application
46%
": 40pm et - updated with an invitation to join our technical deep - dive during this week ' s tradecraft tuesday episode - update # 3 - 12 / 11 / 2021 @ 11 : 30am et - updated with instructions on how to use our vulnerability tool - update # 2 - 12 / 11 / 2021 @ 1am et - updated …"
T1190Exploit Public-Facing Application
41%
"the adversary. the log4j vulnerability parses this and reaches out to the malicious host via the “ java naming and directory interface ” ( jndi ). the first - stage resource acts as a springboard to another attacker - controlled endpoint, which serves java code to be executed on …"
T1190Exploit Public-Facing Application
31%
"your security posture, this could lead to future compromise — whether it be cryptocurrency miners, cobalt strike beacons, or ransomware. threat intelligence the jndi abuse here is easily performed by a public and accessible utility, jndiexploit. the use of this tool by a threat a…"

Summary

Read about how our team investigated CVE-2021-44228, a critical vulnerability that was affecting a Java logging package.