Meta: Curated by @tsudo (twitter / github) | Gist Link | Last Updated: 2021-12-15
CVE-2021-44228 link CVSS3.x 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- LunaSec Detection and Mitigation Writeup
- CISA Guidance
- SANS Emergency Webcast
- Cert.sh
- Staggering stats from Checkpoint
- Lots of rules from NCC group blogpost
- Canary Tokens
- Grep
- Public list of IOC feeds and threat reports
- CloudFlare says they see traffic back to 12/1, 9 days before public disclosure - source, More from CF
- GreyNoise is sharing every IP that they see exploiting the vuln - source
- v1 is not vulnerable per founder source
- Blue Team Cheatsheet
- List of Affected Software
Tags: #log4j #vulnerabilities