404 Not Found
https://logging.apache.org/log4j/2.x/changes-report.html#a2.16.0
CVE - CVE-2021-45046
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046
GitHub - cisagov/log4j-affected-db: A community sourced list of log4j-affected software
https://github.com/cisagov/log4j-affected-db
Owowa: the add-on that turns your OWA into a credential stealer and remote access panel | Securelist
https://securelist.com/owowa-credential-stealer-and-remote-access/105219/
GitHub - woodpecker-appstore/log4j-payload-generator: Log4j jndi injects the Payload generator
https://github.com/woodpecker-appstore/log4j-payload-generator
Phishing 2021 - A Year in Review - SteveD3.io
https://steved3.io/data/Phishing-2021-Year-In-Review/2021/12/14/
Restrict LDAP access via JNDI by rgoers · Pull Request #608 · apache/logging-log4j2 · GitHub
https://github.com/apache/logging-log4j2/pull/608#issuecomment-993542299
Cyber Santa Is Coming To Town - Hacking Party - YouTube
https://www.youtube.com/watch?v=Q-YxZaiqwBc
log4shell/software at main · NCSC-NL/log4shell · GitHub
https://github.com/NCSC-NL/log4shell/tree/main/software
GitHub - WazeHell/sam-the-admin: Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
https://github.com/WazeHell/sam-the-admin
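Japan Hackers Association (一般社団法人日本ハッカー協会) on Twitter: "Regarding the log4j vulnerability, which is being called disaster-level, we have received many comments that information which ideally should be shared widely, such as attacks actually observed and the variously obfuscated attack patterns, is being held back from publication and sharing within Japan out of concern that it may constitute an unauthorized command electromagnetic record." / Twitter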
https://twitter.com/JapanhackerA/status/1470229222681878530
The Cyber Startup Observatory - The Global Cyber Innovation Network
https://cyberstartupobservatory.com
vx-underground
https://www.vx-underground.org/
Remote Deserialization Bug in Microsoft's RDP Client through Smart Card Extension (CVE-2021-38666)
https://thalium.github.io/blog/posts/deserialization-bug-through-rdp-smart-card-extension/
Chrome Releases: Stable Channel Update for Desktop
https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware
https://thehackernews.com/2021/12/hackers-exploit-log4j-vulnerability-to.html
eXploit – CVE-2021-42287/CVE-2021-42278 Weaponisation
https://exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html
Pete Hunt 🚁 on Twitter: "If you're surprised about the log4j vulnerability, just wait until you hear what happens when you put a https://t.co/RHWvUGoI0c.URL into a hashtable" / Twitter
https://twitter.com/floydophone/status/1469775366562541571
Moose on Twitter: "Remember how I was yelling about patching to log4j 2.15 and how we couldn't be friends if you didn't? That, but now please patch to 2.16. 😬 (New patch fully disables JNDI and removes support for Message Lookups) https://t.co/vNzSvdNzx1" / Twitter
https://twitter.com/LitMoose/status/1470821925094146053
KB5008380—Authentication updates (CVE-2021-42287) - Microsoft Support
https://support.microsoft.com/en-us/topic/kb5008380-authentication-updates-cve-2021-42287-9dafac11-e0d0-4cb8-959a-143bd0201041
[ANNOUNCE] Apache Log4j 2.16.0 Released - Apache Mail Archives
https://lists.apache.org/thread/d6v4r6nosxysyq9rvnr779336yf0woz4
FBI - Tips
http://tips.fbi.gov
Apache Log4j Vulnerability Guidance | CISA
https://go.usa.gov/xeHB2
MalwareBazaar | Browse
https://bit.ly/3m5ToRz
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC · GitHub
https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
Jobs at MoonPay
https://boards.greenhouse.io/moonpay/jobs/4784263003
GitHub - Yaxser/COFFLoader2: Load and execute COFF files and Cobalt Strike BOFs in-memory
https://github.com/Yaxser/COFFLoader2
Update Google Chrome to Patch New Zero-Day Exploit Detected in the Wild
https://thehackernews.com/2021/12/update-google-chrome-to-patch-new-zero.html
Capitol Violence — FBI
https://fbi.gov/wanted/capitol-violence
Weixin Official Accounts Platform
https://mp.weixin.qq.com/s/7y-iyMMZAoN4B2dGvCFvXg
December 2021 Security Updates - Release Notes - Security Update Guide - Microsoft
https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec
Cobalt Strike 4.5: Fork&Run - You're "history" | Cobalt Strike
https://www.cobaltstrike.com/blog/cobalt-strike-4-5-fork-run-youre-history/
Steve Ragan on Twitter: "I promised I would write a report covering my phishing research in 2021. That report is now live: https://t.co/rW2oIafdov Shout out to @AmandaFGoedde for helping me edit, as well as @ninoseki for making Miteru, and @urlscanio for creating an awesome tool to help defenders. https://t.co/ffhSUXIhoN" / Twitter
https://twitter.com/steved3/status/1470755455685185536
ThreatFox | 45.146.164.160:1389
https://threatfox.abuse.ch/ioc/275541/
GitHub - kmindi/log4shell-vulnerable-app: Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.
https://github.com/kmindi/log4shell-vulnerable-app
Espionage Campaign Targets Telecoms Organizations across Middle East and Asia | Symantec Enterprise Blogs
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/espionage-campaign-telecoms-asia-middle-east
Tweet / Twitter
https://twitter.com/ncweaver/status/1470453024870912000
CVE - CVE-2021-44228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
Log4j – Apache Log4j Security Vulnerabilities
https://logging.apache.org/log4j/2.x/security.html
UnpacMe Results 2c568da9e5b57d99dd1934aa7dd4a463bc1d761c236ea89b171e58389ed1e2c9
https://www.unpac.me/results/380dee3a-053b-42f8-9b49-f31b5af77564
Now You Serial, Now You Don’t — Systematically Hunting for Deserialization Exploits | Mandiant
https://www.mandiant.com/resources/hunting-deserialization-exploits
GitHub - Neo23x0/log4shell-detector: Detector for Log4Shell exploitation attempts
https://github.com/Neo23x0/log4shell-detector
Putin has gone mad, Oxxxymiron, Biden and sanctions | Milov on Tuesdays - YouTube
http://youtu.be/cKdzx3bqy5M
Log4Shell: Reconnaissance and post exploitation network detection – NCC Group Research
https://research.nccgroup.com/2021/12/12/log4shell-reconnaissance-and-post-exploitation-network-detection/
Latest Apple iOS Update Patches Remote Jailbreak Exploit for iPhones
https://thehackernews.com/2021/12/latest-apple-ios-update-patches-remote.html
GitHub - BinaryDefense/log4j-honeypot-flask: Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
https://github.com/BinaryDefense/log4j-honeypot-flask
Tweet / Twitter
https://twitter.com/tinkersec/status/1470760062159360008
GitHub - fullhunt/log4j-scan: A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
https://github.com/fullhunt/log4j-scan
Microsoft fixes Windows AppX Installer zero-day used by Emotet
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-appx-installer-zero-day-used-by-emotet/
No Context Brits on Twitter: "He has a particular set of skills… https://t.co/erhhL02UXJ" / Twitter
https://twitter.com/NoContextBrits/status/1470435040710610949