Log4j Update: Threat to Local Hosts – ThreatX Response

LAST UPDATED Dec 18, 2021

Researchers have discovered a new attack vector that may allow an attacker to trigger the Log4j vulnerability within localhosts.

ThreatX CISO Andrew Usekas confirms: “This is a variant of the same Log4j vulnerability, but using localhost (127.0.0.1) to bypass restrictions. While the intent is to exploit services on the local host, we have confirmed that the rules we developed in response to the original vulnerability protect customers against this new attack vector.”

Read more about this new attack vector here: https://threatpost.com/new-log4shell-attack-vector-local-hosts/177128/

Tags

About the Author