Skip to content
Good Tech Master | How to | Technology | Tutorials | Helpful Guides

Good Tech Master | How to | Technology | Tutorials | Helpful Guides

To provide technology guides and helpful information.

  • Home
  • Connect
  • Utilities & Tools
  • Toggle search form
  • ASUS ROG Maximus Z690 Hero Issue 90MB18E0-MVAAY0 PC Hardware
  • Top 5 Free Firewalls for Windows in 2022 Cybersecurity
  • How to Select a Graphics Card (GPU) for a Gaming PC in 2022? PC Hardware
  • Best Cheapest PC Builds for Far Cry 6 (Under $2,000) PC Hardware
  • How to Build a Full PC Game Streaming Setup from Start to Finish How To
  • How to Fix Fortnite Lag Issues in Chapter 3, Season: 2 (April-June, 2022) How To
  • Leaked benchmarks for Intel ARC A380 desktop graphics PC Hardware
  • Unreal Engine 5 – Graphics Cards PC Hardware

Log4j and Log4Shell Vulnerability

Posted on December 13, 2021December 14, 2021 By Gustav Eriksson

Log4j is a logging tool that is a part of the Apache Logging Services and one of several Java logging frameworks. It is based off of the Java programming language and is present in millions of applications and services. Log4Shell is the name of the vulnerability that was found with Log4j.

The vulnerability, known as CVE-2021-44228 or Log4Shell vulnerability allows an attacker to inject a special string into the logging server which gives it the ability to execute code and install software that can be used for remote access and other malicious activities like deploying ransomware. The vulnerability was first discovered on Minecraft servers, when attackers were posting special strings in chat that would allow them to exploit those systems. The discovery may have happened as early as December 2nd and was published on December 9th, 2021. Many are saying that this could be the worst vulnerability in the past decade due to its broad deployment across millions of applications. Apple, Amazon, Cloudflare, Twitter, Steam, Minecraft, SonicWall, VMware, cPanel and many other companies have released statements about their use and remediation of Log4j. As a preventative measure, Quebec had shut down roughly 4,000 of its websites to determine the impact of the Log4Shell vulnerability. It has also been reported that Log4Shell has the capability to exfiltrate AWS secrets. 

Attackers are currently using Botnets to scan the internet looking for indications of Log4j so that it can be exploited.  

As a remediation goes, organizations are urged to look for Log4j and patch it with release 2.15.0. This may be a challenge for many organizations, however as it may not be immediately clear how many applications use Log4j.  

For more details visit the following pages:

Statement from CISA Director Easterly on “Log4j” Vulnerability | CISA

(1) Log4j 0day being exploited : blueteamsec (reddit.com)

GitHub – authomize/log4j-log4shell-affected: Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability

(Visited 70 times, 1 visits today)
Cybersecurity Tags:log4j, log4shell, vulnerabilities

Post navigation

Previous Post: Beginners Guide to Overclocking Your CPU
Next Post: Top 10 Reasons Log4Shell is So BAD

Related Posts

  • Best Free Antivirus Software for 2022 Cybersecurity
  • Top 5 Free Firewalls for Windows in 2022 Cybersecurity
  • Top 10 Reasons Log4Shell is So BAD Cybersecurity
  • Beginners Guide to VPNs Cybersecurity

Recommended Affiliates
Good Tech Master is reader-supported. We earn a small commission when you purchase services through our affiliate links. We only make recommendations for services we truly believe in. Click here to learn more.

  • NordVPN - #1 Recommended

Categories

  • Breaking News
  • Cybersecurity
  • How To
  • IT Certifications
  • PC Hardware
  • Technology Trends
  • Windows

Most Recent

  • Asus ROG Announces the First 500hz Monitor, But Does It Really Matter? Can We See a Difference with 500Hz?
  • Fortnite and the Future of the Metaverse
  • Review: The Ultimate Prebuilt Gaming PC for Elden Ring
  • Review: Top 5 AMD and NVIDIA Graphics Cards (GPUs) for Elden Ring
  • How to Build a Full PC Game Streaming Setup from Start to Finish
Join the community group
  • Will My Graphics Card Handle Unreal Engine 5 (UE5)? PC Hardware
  • Will HP ENVY x360 Convert 15-es1035nr Play Fortnite? PC Hardware
  • How to Speed Up Windows 11 and Increase PC Performance How To
  • How to Check Your BIOS for TPM 2.0 How To
  • How to Select SSD Drives – Advice for 2022 PC Hardware
  • Top 5 Gaming PCs Under $1,500 in 2022 PC Hardware
  • Top 5 Graphics Cards for AMD and NVIDIA in 2022 PC Hardware
  • Troubleshooting Guide: How to Fix ‘PC Randomly Crashes While Gaming’ How To

Copyright © 2022 Good Tech Master | Disclaimer | Privacy Policy | Affiliate Disclosure |

Powered by PressBook News WordPress theme

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT