Regional »  Topic »  What does Log4j mean for the Enterprise? Key Strategies to Protect Your Organization

What does Log4j mean for the Enterprise? Key Strategies to Protect Your Organization


Keysight operates a global honeypot network to track malicious activity trends on the Internet under the direction of our Application and Threat Intelligence (ATI) Research Center. We started to observe the first Log4Shell activity around 6:00AM UTC on Friday, December 10th, and since then we’ve been analyzing activity to better understand the tactics, techniques, and procedures (TTPs) used by attackers and help protect our customers.

A Log4Shell attack is conducted in two primary stages involving multiple hosts. In the first stage, a connection is made to a web server, and in the HTTP connection a string is sent which gets logged. This string triggers a vulnerability in the Log4j Java logging code which causes the victim web server to download a binary from a second server, and that binary is executed on the victim web server with the privileges of the web application. Note that after the malicious ...


Copyright of this story solely belongs to expresscomputer.in . To see the full text click HERE