The widely used Apache Log4j Java-based logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including to deliver various types of malware.
The vulnerability is tracked as CVE-2021-44228 and it has been dubbed Log4Shell and LogJam. The security hole exposes many organizations to attacks and exploitation is not difficult.
SecurityWeek has compiled a list of tools and other resources that can be useful for defenders concerned about the impact of the Log4Shell vulnerability on their organization.
ICS Vendors Respond to Log4j Vulnerabilities (01.05.2022)
Threat Groups Reportedly Working on Log4Shell Worm (12/16/2021)
Industry Reactions to Log4Shell Vulnerability (12/15/2021)
Useful information and tools
Resources for industrial organizations