Dear Recipient,

Last Thursday, 9^th December, researchers at LunaSec first detected the remote code execution vulnerability against Apache Log4j, one of the most severe security vulnerabilities yet (CVE-2021-44228). Since Log4j is a widely adopted Java library used in many commercial and open-source software products as a logging framework, one must assume that any larger organisation is affected. The criticality of the vulnerability was rated 10/10 in CVSS, as it can be exploited from remote by an unauthenticated adversary to execute arbitrary code (RCE).

How ExeonTrace can support Threat Hunting and Detection of the Log4j Exploit

By analysing network logs, ExeonTrace can detect suspicious connections triggered by internal servers and threat hunt the malicious Java application loaded by the Log4j exploit. Read more on the Log4j exploit and how ExeonTrace supports threat hunting and detection in this article.

Independent of this exploit, ExeonTrace’s proven and future-proof algorithms continuously monitor the network for signs of internal reconnaissance and lateral movement. There is no known Log4j vulnerability in ExeonTrace, thanks to its hardened configuration. We are at your disposal for any support we can provide to detect this highly damaging exploit.

Best wishes and stay safe!

P.S. There is no known Log4j vulnerability in ExeonTrace, thanks to its hardened configuration.

About Exeon