Log4J Exploit Explained: How it Works, In-Depth Examples, Mitigation, etc.

1:1 Coaching & Resources/Newsletter Sign-up: withsandra.square.site/
Join our Discord :D - discord.gg/2YZUVbbpr9
Patreon (Cyber/tech-career resources) ♡: www.patreon.com/withsandra
Sign up for our email newsletter: withsandra.square.site/email-subscription
Hacker Merch: www.redbubble.com/people/Hackerish/shop

Ransomeware Attack:    • Ransomeware Cyber Attack - Colonial P...

OWASP Top 10 Security Vulns:    • Top 10 Web App Security Vulnerabiliti...
SOC Analyst: Explained:    • What does a SOC Analyst Do? | Salary,...
How I learned to Hack:    • How I Learned How to Hack: CTF Editio...

Career Q&A:    • Career Q&A (Cyber Security): How I Go...
How I passed my Security+ certification exam:    • How I Passed Security+ Certification ...
Security engineers Vs Security analysts:    • Cyber Security Analyst vs Engineer: S...
Coding/cyber bootcamps: Worth it?:    • Can you Find a Job With a Bootcamp in...
Bug bounties for beginners:    • How to Get Started with Bug Bounties ...
How I Learned How to Code:    • How I Learned How to Code: Best Tips ...
Highest paid tech jobs:   • Highest Paying Jobs in Tech (Technica...
How much does cyber security pay:    • Cyber Security Pay | How much do you ...
Why you should learn to code:    • Should You Learn How to Code? | Shoul...
Top 7 Coding Languages for Cyber Security:    • Top 7 Coding Languages for Cyber Secu...

Watch next :) -
How to get your first cyber security job:    • How to find an entry level cyber secu...
Why go into cyber security:    • Why go into Cyber Security | 7 Reason...
Why you shouldn’t go into cyber security:    • Why You Shouldn’t Choose Cyber Securi...
Resume That Got Me My First Cyber Security Job:    • Critiquing My Resume | Reviewing the ...
How to get started in cyber security with no experience:    • How to get a job in cyber security wi...
Top 7 Skills for Cyber Security:    • Top 7 Skills for Cyber Security | Top...
Top 7 Cyber Security Conferences:    • Top 7 Cyber Security Conferences You ...
Security Analyst work vlog:    • Video
Cyber Security Interview Prep:    • Cyber Security Interview Tips | Inter...
Top 7 Jobs in Cyber Security:    • Best Cyber Security Jobs 2021 | Red t...

The SWE vs Cyber series:
Which should I choose - Cyber Security or Software Development?:    • Choosing Between Software Engineer VS...
Cyber Security vs Software Engineer:    • Cyber Security vs Software Engineer |...
SWE Resume vs Cyber Security Resume:    • Cyber Security vs Software Engineer R...
——————————————————

Hey there :) - thanks for watching!
I post videos every Wednesday and Sunday, please subscribe, like, and share if you enjoyed this video! It really supports me and if there are any videos you’d like to see from me, please feel free to drop it down in the comments below and I’ll try my best! ⇩♡

Support the channel ♡ : www.patreon.com/withsandra
1:1 Coaching: withsandra.square.site/
Sign up for my email newsletter: withsandra.square.site/email-subscription

❈ Connect with me ❈
Vlog Channel: youtube.com/channel/UCeo2ChbbwZOBlV-RfUiT7NQ
Blog: www.withlovesandra.com/
Twitch: www.twitch.tv/withlove_sandra/
Advice for Ambition Podcast (Available on any podcast platform):
open.spotify.com/show/0TC8muDSuz8vQ9oZ3V5xJr
My handmade jewelry: www.etsy.com/shop/aimijewelry

❈ Filming Equipment ❈
Camera: amzn.to/3fh56mB
Vlogging Camera: amzn.to/3ocw03s
Phone Tripod: amzn.to/2BTAn0l
Ring Light Tripod: amzn.to/2YpNKgx

❈ All my favorite products ❈
www.amazon.com/shop/withlove.sandra

Buy me a coffee: ko-fi.com/lovesandraxo
My amazon wishlist: www.amazon.com/hz/wishlist/ls/L7GSS1SSLZ5V?ref_=wl…

❈ Discounts/Codes ❈
Robinhood free stock: join.robinhood.com/sandral7
Webull free stock: act.webull.com/n/AIpkhDAtMr2G/of1/
Wealthfront $5,000 invested free www.wealthfront.com/invited/AFFB-7NZX-OKPV-27QG
Yotta Savings (100 free tickets) withyotta.page.link/nSa4S5yCYnEE4Z699

Music: www.bensound.com/

Brand/collaboration inquiries: [email protected]

Disclaimer: This video is not sponsored. Some links are affiliate links which means I earn a small commission if anyone decides to purchase through them. Thank you so much for your support!

Timestamps:
Intro (0:00)
What exactly is log4j? (0:48)
Explaining the exploit (log4shell) (1:48)
How the attack works (technical) (5:52)
Example attack using log4shell (7:42)
Mitigations/patches for log4j (9:30)

Tags: log4j vulnerability explained,log4j vulnerability explained 2021,log4shell vulnerability explained,log4shell vulnerability,log4j vulnerability,what is log4j,what is the log4j vulnerability,what is log4shell,what is the log4shell vulnerability,log4j exploit explained,log4j exploit explained 2021,log4shell exploit explained,log4shell exploit,log4j exploit,what is log4j,what is the log4j exploit,what is log4shell,what is the log4shell exploit,log4shell exploit,understanding the log4j vulnerability,understanding the log4j exploit,biggest exploits of 2021,biggest vulnerabilities of 2021,biggest vulnerability of 2021,biggest exploit of 2021

@WithSandra 2 years ago

Has your org been affected by the log4j exploit? What are some other big exploits you’d like me to cover? 💻💡

@uncleelder4922 1 year ago

I viewed about 6 videos on log4j before this one. This one so far is the most useful and concise

@chikaacholonu4613 2 years ago

I loved how you broke it down. I'd been trying to wrap my head around it for a week now...lol

@vulnerabilitycsrf 2 years ago

Thanks for the simple explanation and explanation of attack vectors. How should I format my home office for entry level SOC analyst: two screens, RAM requirements, 1 TB of storage?

@themistoclesnelson2163 2 years ago

Thank you for the explanation :) I appreciate it is much shorter than the others.

@paulagiglio4461 2 years ago

This was a great explanation and very helpful. Thank you!

@subhamroy5368 2 years ago

Thanks for the detailed video 🔥

@indermatharu4671 2 years ago

Great explanation, thank you!

@Thejaslane91 2 years ago

Glad you talked about this. Work has been atrocious this last week 🤯

@yungjohnathan1188 2 years ago

Thorough explanation. Thanks 😎

@bjkorb7272 2 years ago

Thanks for making this video!

@seyznet7183 2 years ago

You’re so brilliant ❤️✨👏🏽

@craigheard2504 2 years ago

Thank U Sandra. Great explanation. 👍🏽.

@gurvirsingh4190 2 years ago

Great explanation 🔥🔥

@ankhcreations 2 years ago

Thanks for sharing

@AlexiMinko-Legault 1 year ago

Would this exploit explain why JS scripts with contents exhibiting malicious to suspicious behavior (remote control executions, hook api calls, calls an API to take screenshot etc...) might appear out of nowhere on a computer via drive accounts?