Current and historical cybersecurity threats - HenryN-DEN21DS/CV_STUFF GitHub Wiki

Current cybersecurity information: https://github.com/NCSC-NL

Log4J vulnerabilities

### Log4j vulnerabilities resolved for:

  1. Lowell platforms (8 ODI workstation VMs and 4 ODI servers), Private Cloud Vodaphone Frankfurt.
  2. Platforms managed by Dictu Data services

Log4J timeline:


Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105)

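This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library, especially CVE-2021-44228 / CVE-2021-45046, and also covers CVE-2021-4104 / CVE-2021-45105. For additional information see:

- NCSC-NL advisory
- MITRE
- EU CSIRT network members advisories, maintained by ENISA
- Log4shell vulnerability overview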

For affected organisations and CISOs searching for concise mitigation guidance, the Log4Shell for OES - Full presentation slides for CISOs and techies describes the vulnerability and explains all steps necessary to successfully mitigate the vulnerability (patching is not enough).

Repository contents

| Directory | Purpose |
| -- | -- |
| hunting | Contains info regarding hunting for exploitation |
| iocs | Contains any Indicators of Compromise, such as scanning IPs, etc |
| detection & mitigation | Contains info regarding detection and mitigation, such as regexes for detecting scanning activity and more |
| scanning | Contains references to methods and tooling used for scanning for the Log4j vulnerability |
| software | Contains a list of known vulnerable and not vulnerable software |
| tools | Contains a list of tools for automatically parsing info on this repo |

Please note that these directories are not complete, and are currently being expanded.

NCSC-NL has published a HIGH/HIGH advisory for the Log4j vulnerability. Normally we would update the HIGH/HIGH advisory for vulnerable software packages; however, due to the extensive amount of expected updates, we have created a list of known vulnerable software in the software directory.
