Log4Shell & Log4j Explained - ThreatWire (AUDIO ONLY) (Patreon)

Log4Shell & Log4j Explained, Google Disrupts Major Botnet, and NPM Packages Steal Discord Creds! All that coming up now on ThreatWire.

 #threatwire #hak5

Links:

Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins, information security professionals, and consumers.

Watch this on youtube (video may be “private” until the scheduled publish time): https://youtu.be/ysFB6JKTs5U

Shop ThreatWire Merch Directly! - https://snubsie.com/shop

Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ 

Support ThreatWire!  https://www.patreon.com/threatwire 

Follow Shannon on Social Media: https://snubsie.com/links 

Links:

https://arstechnica.com/information-technology/2021/12/minecraft-and-other-apps-face-serious-threat-from-new-code-execution-bug/

https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce

https://www.randori.com/blog/cve-2021-44228/

https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/

https://www.lunasec.io/docs/blog/log4j-zero-day/

https://twitter.com/chvancooten/status/1469340927923826691

https://twitter.com/AlyssaM_InfoSec/status/1470463098523955202

https://twitter.com/llkkaT/status/1470411739829350407

https://twitter.com/eastdakota/status/1469800951351427073

https://github.com/YfryTchsGD/Log4jAttackSurface

https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592

https://www.bleepingcomputer.com/news/security/hackers-start-pushing-malware-in-worldwide-log4shell-attacks/

https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/

https://nakedsecurity.sophos.com/2021/12/13/log4shell-explained-how-it-works-why-you-need-to-know-and-how-to-fix-it/

https://blog.google/technology/safety-security/new-action-combat-cyber-crime/

https://blog.google/threat-analysis-group/disrupting-glupteba-operation/

https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/1_Complaint.pdf

https://www.cnet.com/tech/google-breaks-up-botnet-infecting-1-million-devices/

https://arstechnica.com/information-technology/2021/12/malicious-packages-sneaked-into-npm-repository-stole-discord-tokens/

https://jfrog.com/blog/malicious-npm-packages-are-after-your-discord-tokens-17-new-packages-disclosed/

https://thehackernews.com/2021/12/over-dozen-malicious-npm-packages.html

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

Our Site → https://www.hak5.org

Shop →  http://hakshop.myshopify.com/

Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1

Support → https://www.patreon.com/threatwire

Contact Us → http://www.twitter.com/hak5

Threat Wire RSS → https://shannonmorse.podbean.com/feed/

Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆

____________________________________________

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.