All stakeholders in the technology community are strongly advised to check their environments and take appropriate security measures.ĭatto has released a tool, both for RMM partners via the ComStore and publicly via GitHub, to automate the process of scanning Windows devices for signs of this vulnerability and any compromise that may have occurred. The extent to which this software package is integrated into the world's technologies and platforms is still being discovered, but given the ease by which software containing this component can be exploited on devices reachable from the open internet (for example, servers), this Log4j vulnerability, dubbed Log4Shell, is being treated as extremely severe.
On December 10, 2021, news of the active exploitation of a previously unknown zero-day vulnerability (CVE-2021-44228) in a common component of Java-based software (Log4j) became widely known.
Best practices for Log4Shell Enumeration, Mitigation, and Attack Detection Tool Background
0 kommentar(er)
