Lazarus Group Exploiting Log4Shell Vulnerability (NukeSped)
In December last year, the vulnerability (CVE-2021-44228) of Java-based logging utility Log4j became a worldwide issue. It is a remote code execution vulnerability that can include the remote Java object address in the log message and send it to the server using Log4j to run the Java object in the
Detection of Log4j Vulnerability (CVE-2021-44228) Using V3 Network Detection
After the reveal of Apache Log4j vulnerability (CVE-2021-44228) on December 10th, 2021, there have been various POCs (Proof of Concept) uploaded on GitHub. The Log4j vulnerability has a huge impact because attackers can insert malicious class addresses and run malicious classes created by them on web servers. AhnLab has updated
![[Notice] Log4j Core Affected by Apache Log4j Vulnerability CVE-2021-44228](https://asec.ahnlab.com/wp-content/uploads/2021/12/38_security-alert_01.png)
[Notice] Log4j Core Affected by Apache Log4j Vulnerability CVE-2021-44228
AhnLab recommends security updates for Apache Log4j vulnerability. Apache Log4j Vulnerability Information Vulnerability Vulnerability (CVE-2021-44228, CVSS 10.0) that the attacker can remote code execute via a log message in Log4j 2.x version [1] Vulnerability (CVE-2021-45046, CVSS 3.7) in Log4j 2.x version that allows the attacker to cause Denied of Service
