Posts

Showing posts from December, 2021

What is Log4j Vulnerability ?

Image
Log4j also know as Log4Shell is one of the recent type of hac*ing methology which is initiated by Apache. What is Log4J attack? This is an open-source logging library, which is used by almost all major Java-based enterprise apps and servers across the industry. A logging library is used to keep track of all the activity inside an application. The flaw allows any hacker or cyber-criminal to control and execute ‘arbitrary code’ and gain access to a computer system by inputting a string of code into the library. This attack exploits the Log4j vulnerability to download a Trojan malware, which triggers a download of an .exe file, which in turn installs a crypto-miner. Once the crypto-miner is installed, it starts using the victim’s resources in order to mine for cryptocurrency for the attackers’ profit, all without the victim knowing they have been compromised The vulnerability is also dubbed as Log4Shell and was first highlighted by researchers at LunaSec. The issue was discovered in Micro