Why The Log4j Exploit Was So Dangerous

preview_player
Показать описание
Why is Log4jShell, or CVE-2021-44228 so dangerous? There are a number of reasons, and we go through them in this video. First, the barrier for attackers to use this exploit is incredibly low and the payoff is incredibly high.This exploit leads to unauthenticated remote code execution (RCE) on systems running log4j, which includes systems running Minecraft and hosting Steam, iCloud, and other apps. Patching can also be a problem for engineering teams, and we go through that here as well.

Ref:

⭐️ Find me at:

Interested in starting a lab or sprucing up your home office? Check out these affiliate links for cool things I highly recommend! These also go to help support the channel!
👇👇👇👇👇👇👇👇👇👇👇

Note: I receive a small commission from any purchases of any of the gear shown in the affiliate link above. This supports the channel and keeps the content free! 😎 Enjoy the quality of this video? Consider getting what I use to make this content!
  1. StudioSec
  2. apache log4j
  3. minecraft exploit
  4. java exploit
  5. log4j exploit
  6. log4j exploit minecraft
Рекомендации по теме
Log4J & JNDI 0:26:31

Log4J & JNDI Exploit: Why So Bad? - Computerphile

Log4j (CVE-2021-44228) RCE 0:03:44

Log4j (CVE-2021-44228) RCE Vulnerability Explained

Apache Log4j: The 0:15:41

Apache Log4j: The Exploit that Almost Killed the Internet

Minecraft Beaten in 0:00:23

Minecraft Beaten in 0:00.050 Using Log4j Exploit

SheHacksPurple: Log4J explained 0:06:37

SheHacksPurple: Log4J explained for Software Developers and AppSec Folks

How Hackers Exploit 0:08:42

How Hackers Exploit Log4J to Get a Reverse Shell (Ghidra Log4Shell Demo) | HakByte

Rules to detect 0:02:53

Rules to detect Log4j Exploits

Log4j Vulnerability Could 0:09:34

Log4j Vulnerability Could Give Hackers Control Over Millions of Devices

Why The Log4j 0:11:31

Why The Log4j Exploit Was So Dangerous

log4j (Log4Shell) Security 0:03:00

log4j (Log4Shell) Security Issue Explained at a High Level

The Log4j Vulnerability 0:22:41

The Log4j Vulnerability Exploit Explained

Log4j Vulnerability (Log4Shell) 0:17:44

Log4j Vulnerability (Log4Shell) Explained // CVE-2021-44228

Understanding the Log4j 0:20:30

Understanding the Log4j Vulnerability | Exploiting VMware VCenter & a reverse shell🔥| Patch NOW!...

Log4j Remote Code 0:00:12

Log4j Remote Code Execution Exploit in Minecraft

Log4J Vulnerability (Log4Shell) 0:20:50

Log4J Vulnerability (Log4Shell) Explained - for Java developers

Log4j 2 RCE 0:00:42

Log4j 2 RCE Exploit PoC (CVE-2021-44832)

The Scariest Week 0:09:48

The Scariest Week in Minecraft History

Apache log4j Vulnerability 0:15:08

Apache log4j Vulnerability Explained

What We've Learned 0:07:43

What We've Learned About The Log4J Exploits So Far

What is Log4j 0:01:01

What is Log4j & why is everyone talking about it? (in 60 seconds)

Log4j Vulnerability | 0:03:34

Log4j Vulnerability | How to protect your Systems and Servers from Log4j | Fix this ASAP!!!

Log4j exploit is 0:00:16

Log4j exploit is so much bigger than you realize. Every company is getting owned

Log4j Exploit / 0:07:13

Log4j Exploit / Vulnerability Explained. Minecraft Infected!

Exploits Explained: How 0:09:08

Exploits Explained: How Log4j, Buffer Overflows and Other Exploits Work

Комментарии
Автор

shout out to all of my fellow cyber-defense warriors. we're at war and no one is comming to aid us.

nelsonjunior
Автор

"An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled".
Does this vulnerability require LDAP? Is that installed by default? Am I still vulnerable if I don't have LDAP running?

guy
join shbcf.ru