Log4J Exploit Explained: How it Works, In-Depth Examples, Mitigation, etc. | Log4Shell Vulnerability
Vložit
- čas přidán 10. 07. 2024
- 1:1 Coaching & Resources/Newsletter Sign-up: withsandra.square.site/
Join our Discord :D - / discord
Patreon (Cyber/tech-career resources) ♡: / withsandra
Sign up for our email newsletter: withsandra.square.site/email-...
Hacker Merch: www.redbubble.com/people/Hack...
Ransomeware Attack: • Ransomeware Cyber Atta...
OWASP Top 10 Security Vulns: • Top 10 Web App Securit...
SOC Analyst: Explained: • What does a SOC Analys...
How I learned to Hack: • How I Learned How to H...
Career Q&A: • Career Q&A (Cyber Secu...
How I passed my Security+ certification exam: • How I Passed Security+...
Security engineers Vs Security analysts: • Cyber Security Analyst...
Coding/cyber bootcamps: Worth it?: • Can you Find a Job Wit...
Bug bounties for beginners: • How to Get Started wit...
How I Learned How to Code: • How I Learned How to C...
Highest paid tech jobs: • Highest Paying Jobs in...
How much does cyber security pay: • Cyber Security Pay | H...
Why you should learn to code: • Should You Learn How t...
Top 7 Coding Languages for Cyber Security: • Top 7 Coding Languages...
Watch next :) -
How to get your first cyber security job: • How to find an entry l...
Why go into cyber security: • Why go into Cyber Secu...
Why you shouldn’t go into cyber security: • Why You Shouldn’t Choo...
Resume That Got Me My First Cyber Security Job: • Critiquing My Resume |...
How to get started in cyber security with no experience: • How to get a job in cy...
Top 7 Skills for Cyber Security: • Top 7 Skills for Cyber...
Top 7 Cyber Security Conferences: • Top 7 Cyber Security C...
Security Analyst work vlog: • Video
Cyber Security Interview Prep: • Cyber Security Intervi...
Top 7 Jobs in Cyber Security: • Best Cyber Security Jo...
The SWE vs Cyber series:
Which should I choose - Cyber Security or Software Development?: • Choosing Between Softw...
Cyber Security vs Software Engineer: • Cyber Security vs Soft...
SWE Resume vs Cyber Security Resume: • Cyber Security vs Soft...
------------------
Hey there :) - thanks for watching!
I post videos every Wednesday and Sunday, please subscribe, like, and share if you enjoyed this video! It really supports me and if there are any videos you’d like to see from me, please feel free to drop it down in the comments below and I’ll try my best! ⇩♡
Support the channel ♡ : / withsandra
1:1 Coaching: withsandra.square.site/
Sign up for my email newsletter: withsandra.square.site/email-...
❈ Connect with me ❈
Vlog Channel: czcams.com/channels/eo2.html...
Blog: www.withlovesandra.com/
Twitch: / withlove_sandra
Advice for Ambition Podcast (Available on any podcast platform):
open.spotify.com/show/0TC8muD...
My handmade jewelry: www.etsy.com/shop/aimijewelry
❈ Filming Equipment ❈
Camera: amzn.to/3fh56mB
Vlogging Camera: amzn.to/3ocw03s
Phone Tripod: amzn.to/2BTAn0l
Ring Light Tripod: amzn.to/2YpNKgx
❈ All my favorite products ❈
www.amazon.com/shop/withlove....
Buy me a coffee: ko-fi.com/lovesandraxo
My amazon wishlist: www.amazon.com/hz/wishlist/ls...
❈ Discounts/Codes ❈
Robinhood free stock: join.robinhood.com/sandral7
Webull free stock: act.webull.com/n/AIpkhDAtMr2G...
Wealthfront $5,000 invested free www.wealthfront.com/invited/A...
Yotta Savings (100 free tickets) withyotta.page.link/nSa4S5yCY...
Music: www.bensound.com
Brand/collaboration inquiries: hello@withlovesandra.com
Disclaimer: This video is not sponsored. Some links are affiliate links which means I earn a small commission if anyone decides to purchase through them. Thank you so much for your support!
Timestamps:
Intro (0:00)
What exactly is log4j? (0:48)
Explaining the exploit (log4shell) (1:48)
How the attack works (technical) (5:52)
Example attack using log4shell (7:42)
Mitigations/patches for log4j (9:30)
Tags: log4j vulnerability explained,log4j vulnerability explained 2021,log4shell vulnerability explained,log4shell vulnerability,log4j vulnerability,what is log4j,what is the log4j vulnerability,what is log4shell,what is the log4shell vulnerability,log4j exploit explained,log4j exploit explained 2021,log4shell exploit explained,log4shell exploit,log4j exploit,what is log4j,what is the log4j exploit,what is log4shell,what is the log4shell exploit,log4shell exploit,understanding the log4j vulnerability,understanding the log4j exploit,biggest exploits of 2021,biggest vulnerabilities of 2021,biggest vulnerability of 2021,biggest exploit of 2021 - Věda a technologie
Has your org been affected by the log4j exploit? What are some other big exploits you’d like me to cover? 💻💡
I have a question, is it essential for cybersecurity to learn how to build a website or software? or I just need to know how they work?
Rockstar currently dealing with this issue. All this week many people playing GTA Online multiplayer have seen their characters stats modified such as money and level. Some people can't login. The launcher doesn't recognize their email. Rockstar Games sent out a Tweet that they are working on a fix.
I loved how you broke it down. I'd been trying to wrap my head around it for a week now...lol
Thank you for watching Chika! Yeah same haha I’ve been working through it this week but really tried to understand how it worked step by step before making this video, appreciate your support!
I viewed about 6 videos on log4j before this one. This one so far is the most useful and concise
This was a great explanation and very helpful. Thank you!
Thank you Paula! Glad it was helpful :)
Thanks for the detailed video 🔥
Thanks so much for watching! 😁
Thank you for the explanation :) I appreciate it is much shorter than the others.
You’re so brilliant ❤️✨👏🏽
Thanks so much for watching! :)
Great explanation, thank you!
Thanks so much for watching! :)
Thanks for making this video!
Np thanks so much for watching!😁
Thorough explanation. Thanks 😎
Thanks so much for watching! 😁😁
Thank U Sandra. Great explanation. 👍🏽.
Thanks so much Craig! ☺️
Glad you talked about this. Work has been atrocious this last week 🤯
Thanks for watching Jas! And same here LOL.. everyone I talked to this past week was roped into this exploit in someway, hopefully its only uphill from here!
Thanks for the simple explanation and explanation of attack vectors. How should I format my home office for entry level SOC analyst: two screens, RAM requirements, 1 TB of storage?
Great explanation 🔥🔥
Thank you Gurvir! 😁
Thanks!
Thanks so much for watching Melvin! 😁
Thanks for sharing
Thanks so much for watching Andre! 😁
This was really interesting. Thank you beautiful lady and hope you guys are doing well!
Thank you so much for watching John! Appreciate your support as always :)
Would this exploit explain why JS scripts with contents exhibiting malicious to suspicious behavior (remote control executions, hook api calls, calls an API to take screenshot etc...) might appear out of nowhere on a computer via drive accounts?
I would Love to watch you stream, but great video
Thanks so much for watching Jerry! :) Appreciate your support, and might consider streaming sometime next year haha
nice content , i have 5+ experience in IT support with sec+ network+ and ccna certificates , ist enough to get me started with cyber security ?
Aren’t you already qualified lol??
This reminds me of shellshock. Simple but devastating
I agree! The worse part of it all is how easy it is for someone to point it to some malicious code they’re hosting at some url. Thanks so much for watching!
@@WithSandra Welcome. If you really think about it, the exploit exists at the interface between two tech stacks . One wonders which other exploits can be created this way; by exploiting interfaces between 2 different technologies which independently are not insecure
What solutions you guys are using to prevent this?
Hi Muhammad, thanks for watching! The best recommendation is to download the latest patch from Apache
Hi Sandra
Hi Yelamareddy! Thanks for watching 😁
ugh, so much data and information about ourselves is out there.... *sigh*
F*ck Ransomware.
I never used log4j.
Thank you. Respectfully are u single. I am very interested in getting to know you.
Thanks for watching! I’m happily taken :)
@Super Mario Damn. Why u hating on love fam. Relax. I'm not ashamed to emote Super Mario.