Analysts discovered a new FritzFrog malware sample that uses exploitation of Log4Shell and PwnKit flaws for self-propagation| Gridinsoft Blogs
Log4Shell, formally known as CVE-2021-44228 seems to be the next big vulnerability that affects a huge number of systems, and the affected component, Log4j gets involved in logging untrusted data by design. This results in lots of vulnerable hosts that are hidden in the sense that naive testing won’t find them, as it’s not trivial to know which part of a complex parsing path (potentially involving multiple systems) is vulnerable. We built and released our new open source tool to find thes...| Silent Signal Techblog
A walkthrough of using the new Log4Shell Alpha Active Scan rule with the ZAP Automation Framework.| ZAP