Log4shell, Log4j exploit or Log4what, is that a new crossfit trend? - podcast episode cover

Log4shell, Log4j exploit or Log4what, is that a new crossfit trend?

USB our Guest - Cyber security Best Practices and News
Feb 19, 20226 minSeason 1Ep. 38
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Today’s episode covers the vulnerability affecting Java logging package, Log4j. This episode took a little longer to make than expected due to its complexity. Please see links below used to create the episode.

TryHackMe’s Solar, exploiting log4j https://tryhackme.com/room/solar

The Log4J Vulnerability Will Haunt the Internet for Years https://www.wired.com/story/log4j-log4shell/

Huntress Log4Shell Vulnerability Tester https://log4shell.huntress.com/

Apache logging services https://logging.apache.org/

The Apache Software Foundation https://www.apache.org/

USB our Guest - Episode 22 Updates - https://anchor.fm/usbog/episodes/Software-Updates-emgnsh

Log4j Attack surface - https://github.com/YfryTchsGD/Log4jAttackSurface

Log4j - Apache Log4j Security Vulnerabilities - https://logging.apache.org/log4j/2.x/security.html

JDBC Appender https://logging.apache.org/log4j/2.x/manual/appenders.html#JDBCAppender

Apache Log4j Security Vulnerabilities https://logging.apache.org/log4j/2.x/security.html

What is JDBC? https://www.ibm.com/docs/en/informix-servers/12.10?topic=started-what-is-jdbc

Lesson: Overview of JNDI https://docs.oracle.com/javase/tutorial/jndi/overview/index.html

W3Schools - Addressing https://www.w3.org/Addressing/URL/uri-spec.html

Amazon Affiliate link - https://amzn.to/3rpF5KI


For the best experience, listen in Metacast app for iOS or Android