Incident Response Blog: Log4j - Cyber Threat Alliance

1.0Cyber Threat Alliancehttps://www.cyberthreatalliance.orgIncident Response Blog: Log4j - Cyber Threat Alliancerich600338<blockquote class="wp-embedded-content" data-secret="9RxfRwcahq"><a href="https://www.cyberthreatalliance.org/incident-response-blog-log4j/">Incident Response Blog: Log4j</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://www.cyberthreatalliance.org/incident-response-blog-log4j/embed/#?secret=9RxfRwcahq" width="600" height="338" title="“Incident Response Blog: Log4j” — Cyber Threat Alliance" data-secret="9RxfRwcahq" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script nonce="2ce19bea8f"> /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); //# sourceURL=https://www.cyberthreatalliance.org/wp-includes/js/wp-embed.min.js </script> https://www.cyberthreatalliance.org/wp-content/uploads/2020/12/AdobeStock_271033455-scaled-1.jpeg25601707A zero-day vulnerability (CVE-2021-44228) has been discovered in Apache Log4j. Apache Log4j is a java-based logging utility. It is widely used in cloud and enterprise software services. Exploit code has been shared publicly and multiple actors are attempting to exploit the vulnerability. The vulnerability has the potential to allow unauthenticated remote code execution (RCE) on nearly … Continued