【図表】 Kinsing Log4Shell exploit and decoded commands Kinsing installer script Other malicious cryptominer installers Researchers and threat actors scanning for vulnerable servers 出典:https://www.bleepingcomputer.com/news/security/hacke…

【ブログ】 ◆Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation (Microsoft, 2021/12/11) https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228…

【ブログ】 ◆Log4j / Log4Shell Followup: What we see and how to defend (and how to access our data) (SANS, 2021/12/11) https://isc.sans.edu/forums/diary/Log4j+Log4Shell+Followup+What+we+see+and+how+to+defend+and+how+to+access+our+data/28122…

【ニュース】 ◆Security warning: New zero-day in the Log4j Java library is already being exploited (ZDNet, 2021/12/10) [セキュリティ警告。Javaライブラリ「Log4j」の新たなゼロデイはすでに悪用されている] Severe vulnerability in Java logging li…

【ニュース】 ◆Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Paloalto, 2021/12/10) https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/