Summary : As your company winds down for the holiday season, like clockwork, another fresh CVE with publicly available exploit code drops. The Apache Log4j exploit (CVE-2021-44832), also dubbed Log4Shell, had widespread fallout as a result of the exploit being made publicly available, and organizations are still dealing with the associated problems even months later. This talk will discuss three unique scenarios observed as a result of Log4j being exploited on VMware Horizon servers: 1) exploitation for persistent access via a webshell, 2) exploitation leading to a Cobalt Strike beacon, and 3) exploitation leading to a cryptocurrency miner. The talk will demonstrate the exploit chain, artifacts of each investigation, and how you can detect the activity in your network using commercially available tools such as Microsoft Defender ATP, CrowdStrike Falcon, Carbon Black, and FireEye HX. On top of that, sources for threat intelligence pertinent to these types of attacks will also be discussed, as well as prevention mechanisms.
Directed : Unknown
Written : Unknown
Stars : Michael Goetzman, J. Wolfgang Goerlich, John Platais, Lesley Carhart
Genres : Documentary
Release date : Feb 13, 2023
Countries of origin : United States
Official sites : CypherCon is a hacker conference emphasizing creativity and ingenuity.
Language : English
Filming locations : 400 W Wisconsin Ave, Milwaukee, Wisconsin, USA
Production companies : Video Workbench Productions