Cybereason Security Researchers Release a Tool to Mitigate the Critical Log4Shell Vulnerability
Cybereason security researchers have released a 'vaccine' that can be used to remotely mitigate the critical 'Log4Shell' Apache Log4j code execution vulnerability. The vulnerability is very easy to exploit for threat actors by changing their web browser's user agent and visiting a vulnerable site, so Friday evening Cybereason has released a script that "fixes" the vulnerability by exploiting the vulnerable server. The project name is Logout4Shell, and it allows you to mitigate the vulnerability without having to patch log4j to 2.15.0 and above. Read more...