LetsDefend Monitoring Alert
Log4j RCE Exploit
Dec, 11, 2021, 10:41 AM
Event ID: 111
Event Time: Dec, 11, 2021, 10:41 AM
Rule Name: SOC161 - Log4j RCE Exploit
Alert Type: Generic
MITRE Technique:
T1059 - Execution - Command and Scripting Interpreter,
T1071 - Command and Control - Application Layer Protocol,
T1190 - Initial Access - Exploit Public-Facing Application,
T1587 - Resource Development - Develop Capabilities
Real World Example: This CVE affected many large companies, including Fortune 500 companies.
Severity: Critical
Incident Responder