log4j-vulnerability
Okay, so y’all have probably heard about this 10/10 critical security breach 💀

Here some sources about it :

Run a vulnerable log4j instance (at your own risks !)
Cloudflare blog article for a better understanding (complete, as usual 😌)
Another good article
• Some lists of IP’s catched for using the breach [1] [2] (regularly updated)
A vaccine for it
fail2ban filter rule (blocks anyone who wants to use the exploit)
Full list of infos/ressources about it ❗
Another complete list of ressources ❗
Tool for finding if the breach is present on your organization [tool made by the CISA 😳]
Unusual : the exploit can be used through iPhones and Tesla 😂🥲
A variant of the breach
6 months after, this flaw is still actively used

The solution is obviously to update Apache 🤓
Good luck if you’re facing this

We use Cloudflare Web Analytics to collect anonymous data about your usage of this website. Are you okay with this ?