View in browser
Logo_exeon_SCS_pos

Dear Recipient,

Last Thursday, 9th December, researchers at LunaSec first detected the remote code execution vulnerability against Apache Log4j, one of the most severe security vulnerabilities yet (CVE-2021-44228). Since Log4j is a widely adopted Java library used in many commercial and open-source software products as a logging framework, one must assume that any larger organisation is affected. The criticality of the vulnerability was rated 10/10 in CVSS, as it can be exploited from remote by an unauthenticated adversary to execute arbitrary code (RCE).

 

csm_AdobeStock_443702077_f7dd7e4123

How ExeonTrace can support Threat Hunting and Detection of the Log4j Exploit

By analysing network logs, ExeonTrace can detect suspicious connections triggered by internal servers and threat hunt the malicious Java application loaded by the Log4j exploit. Read more on the Log4j exploit and how ExeonTrace supports threat hunting and detection in this article.

Independent of this exploit, ExeonTrace’s proven and future-proof algorithms continuously monitor the network for signs of internal reconnaissance and lateral movement. There is no known Log4j vulnerability in ExeonTrace, thanks to its hardened configuration. We are at your disposal for any support we can provide to detect this highly damaging exploit.

 

Best wishes and stay safe!

 

P.S. There is no known Log4j vulnerability in ExeonTrace, thanks to its hardened configuration.

About Exeon

   
 

CISOs and security teams have a hard time protecting their corporate networks. Be it through third-party software, legacy systems or phishing emails to employees – hackers always find ways to enter corporate networks. Therefore, detecting cyberattacks in the network before precious data is stolen or costly ransomware campaigns are launched is of utmost importance. Based on more than ten years of award-winning research at ETH Zurich, Exeon strengthens the cyber resilience of corporates around the globe with its future-proof Network Detection & Response solution: completely hardware-free, deployed in hours and proven in global corporate networks. www.exeon.com.

 

Exeon Analytics AG, contact@exeon.com, Grubenstrasse 12, Zürich, 8045, Switzerland

Unsubscribe Manage preferences