all InfoSec news
The Race to the Vulnerable: Measuring the Log4j Shell Incident. (arXiv:2205.02544v1 [cs.CR])
May 6, 2022, 1:20 a.m. | Raphael Hiesgen, Marcin Nawrocki, Thomas C. Schmidt, Matthias Wählisch
cs.CR updates on arXiv.org arxiv.org
The critical remote-code-execution (RCE) Log4Shell is a severe vulnerability
that was disclosed to the public on December 10, 2021. It exploits a bug in the
wide-spread Log4j library. Any service that uses the library and exposes an
interface to the Internet is potentially vulnerable.
In this paper, we measure the rush of scanners during the two months after
the disclosure. We use several vantage points to observe both researchers and
attackers. For this purpose, we collect and analyze payloads sent …
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Operations Manager (f/d/m), 80-100%
@ Alpiq | Lausanne, CH
Project Manager - Cyber Security
@ Quantrics Enterprises Inc. | Philippines
Sr. Principal Application Security Engineer
@ Gen | DEU - Tettnang, Kaplaneiweg
(Senior) Security Architect Car IT/ Threat Modelling / Information Security (m/f/x)
@ Mercedes-Benz Tech Innovation | Ulm
Information System Security Officer
@ ManTech | 200AE - 375 E St SW, Washington, DC