{"id":1456,"date":"2021-12-17T22:31:00","date_gmt":"2021-12-17T22:31:00","guid":{"rendered":"https:\/\/www.pax8.com\/future-blog\/log4shell-exploit\/"},"modified":"2023-05-17T14:57:25","modified_gmt":"2023-05-17T14:57:25","slug":"log4shell-exploit","status":"publish","type":"post","link":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/","title":{"rendered":"Lessons learned\u00a0from\u00a0the first days of Log4Shell"},"content":{"rendered":"

Turning\u00a0our focus to\u00a0the industry’s response.<\/p>\n

It was the shot heard\u00a0’round the\u00a0cyber world.<\/p>\n

Flashback to Friday, December 10.\u00a0Most of us were just waking up\u00a0and\u00a0looking forward to that first sip of coffee.\u00a0Instead,\u00a0we were served a huge cup of WTF reality.\u00a0The\u00a0CVE-2021-44228 vulnerability<\/span><\/a> \u2014 a.k.a. Log4Shell \u2014 was disclosed, and the cyber world exploded. This was an entirely new exploit with a 10 CVSS severity rating \u2014 and the Apache Software Foundation probably would have given it an 11 if they could.\u00a0\u00a0<\/span><\/p>\n

What makes this zero-day vulnerability so sobering is the expansiveness of its potential reach and the ubiquitousness of ways the triggering JNDI might access a system. Java itself boasts running on “billions of devices” and every one of them could potentially be vulnerable to this flaw. The nomenclature and syntax aspects make Log4Shell so wildly executable. The chat in Minecraft, the best-selling video game of all time, was a vehicle for logging it. People were even putting it on their license plates hoping a traffic camera would capture and log it.<\/p>\n

So how DID the channel respond, and what can we learn from this\u00a0experience?<\/p>\n

LESSON 1:\u00a0The Channel is\u00a0an\u00a0Amazing\u00a0Ecosystem<\/h2>\n

A threat\u00a0this wide-reaching\u00a0could potentially cripple the software and cyber industry,\u00a0but\u00a0the channel’s response was the opposite of what the public might expect. Before many of us\u00a0even\u00a0had time to process what\u00a0Log4Shell\u00a0meant and what we were going to do, the channel ramped up and\u00a0began\u00a0working\u00a0full-bore\u00a0on solutions.<\/p>\n

Three or four different GitHub repositories\u00a0came out\u00a0almost\u00a0instantly looking for\u00a0the\u00a0Log4J\u00a0vulnerabilities from the outside world and testing them.\u00a0Proof of concept code\u00a0was\u00a0happening by 10:00\u00a0am\u00a0MT.\u00a0In less than an hour and a half, we saw at least five different\u00a0videos from\u00a0John Hammond and his team\u00a0on ways to\u00a0address\u00a0the threat.\u00a0Most impressive was Huntress\u00a0releasing a free-to-all\u00a0Log4Shell tester<\/span><\/a>\u00a0before\u00a0the end of\u00a0day one.
\nThere’s a strong sense of comradery and shared\u00a0responsibility\u00a0that permeates the\u00a0channel, and it was on full display starting Friday, December 10\u00a0when even competitors\u00a0banded together.\u00a0It’s been amazing to see\u00a0all the ways\u00a0different providers\u00a0are\u00a0working\u00a0together to\u00a0quickly\u00a0create\u00a0tools\u00a0to address this\u00a0threat.\u00a0We’ve seen people working to educate each other,\u00a0coming together to talk about the risk and what can be done.\u00a0A\u00a0palpable energy\u00a0currently exists\u00a0in the channel that\u00a0we’ve never seen\u00a0before.<\/p>\n

LESSON 2:\u00a0The Importance of\u00a0Transparency<\/h2>\n

Another hugely impressive response to the Log4Shell vulnerability has been the transparency of communications coming from vendors and providers. Understandably, MSPs were frantically trying to figure out if they and their clients were affected, and what they needed to do. Overall, the channel displayed an impressive level of emotional intelligence in addressing the feelings of uncertainty, confusion, and even panic that this threat created.\u00a0\u00a0<\/span><\/p>\n

One of the first responses\u00a0that caught our attention\u00a0was from\u00a0ConnectWise<\/span><\/a>, who quickly pushed out an initial notification that the vulnerability existed and that they were attacking the problem. What was essentially just a “We know it’s happening, but we don’t know much more right now,” message went a long way to easing the minds of those potentially affected. ConnectWise followed this up with well-cadenced updates throughout the day that kept their partners apprised of ongoing developments. We watched the maturity of the message grow with each communication as they started to learn more about the threat and provide actual details. As a security professional, I always want to know where my risk is, and ConnectWise did an excellent job of answering that.<\/p>\n

At Pax8, we chose a different approach, releasing a one-time\u00a0statement to our partners<\/span><\/a>\u00a0once\u00a0our SecOps and engineering teams were able to\u00a0rapidly assess our exposure,\u00a0update our\u00a0platform, implement security measures to mitigate the risk,\u00a0and verify the absence of any malicious exploitation.<\/p>\n

 <\/p>\n

If you are a Pax8 partner and have questions or concerns about the CVE-2021-44228 (Log4Shell) vulnerability, please reach out to your Client Account Manager.<\/h3>\n

 <\/p>\n

When it came to Log4Shell-related communications, Pax8 Manager of Cloud Solutions Dominic Kirby had his own amazing end user experience from Jefferson County Public Schools, which is one of the largest K\u201312 school districts in the state of Colorado. He received a phone notification from the district to check his email, in which they explained what was happening in plain language: that there was a vulnerability, so the district had decided to temporarily remove public access to their portals in order to safeguard student and other personal data.\u00a0<\/span><\/p>\n

\u00a0<\/span><\/p>\n

“Pulling the entire system down was a tough, courageous decision to make, but Jeffco did it, and I’m really happy about that. As someone whose kids are in that system, I’m glad they made a decision to protect the information.”<\/h3>\n

\u2013 Dominic Kirby, Father and Pax8 Manager of Cloud Solutions<\/h4>\n

 <\/p>\n

The takeaway here is that\u00a0the worst thing we can do is not respond at all \u2013 people just want to know that we are aware and\u00a0taking action, even if we don’t have all the answers yet. Whether\u00a0it’s a cadenced response\u00a0with ongoing updates,\u00a0a single communication, or\u00a0some other\u00a0approach, we need to\u00a0maintain strong lines of communication.\u00a0Prompt,\u00a0well-planned\u00a0communication\u00a0lets\u00a0partners and their\u00a0clients\u00a0understand\u00a0the threat,\u00a0empowers\u00a0them\u00a0to\u00a0take\u00a0actions of their own, and builds trust.<\/p>\n

LESSON 3: We\u00a0Need to Build on this Momentum<\/h2>\n

In the response to the Log4Shell vulnerability, we’ve seen\u00a0the channel\u00a0utilizing\u00a0muscles\u00a0that we haven’t seen flexed at this speed\u00a0before. While\u00a0impressive, it\u00a0should\u00a0also\u00a0be a wakeup call\u00a0that,\u00a0as an industry,\u00a0we\u00a0still\u00a0have a lot of growing to\u00a0do.\u00a0We\u00a0need to\u00a0keep\u00a0building\u00a0the muscles\u00a0required\u00a0to respond to\u00a0incidents like this, and it\u00a0has\u00a0to\u00a0become\u00a0part of our day-to-day priorities.<\/p>\n

We\u00a0need to make\u00a0vulnerability management a\u00a0core\u00a0part of what\u00a0we do, and we need to continue to\u00a0develop\u00a0defensible strategies. We\u00a0also\u00a0need to have these conversations with our clients, so we can\u00a0teach and educate\u00a0them. We need to\u00a0see that\u00a0our\u00a0responses are\u00a0crafted in a way that\u00a0our partners\u00a0can say, “Yes I was impacted,”\u00a0or\u00a0“No I wasn’t.”<\/p>\n

 <\/p>\n

The\u00a0speed in which we’re increasing our capabilities in the MSP space\u00a0blows my mind, and I love seeing it.<\/h3>\n

 <\/p>\n

We are\u00a0starting to see the signs of life of an operational capacity inside our industry that is more than just nascent working-side\u00a0execution.\u00a0This shouldn’t just be a crisis response that we develop. We need to carry this approach into our every-day work.<\/p>\n

LESSON 4: Bringing MSPs into the Equation<\/h2>\n

While there isn’t a whole lot MSPs can do about Log4Shell beyond enumeration of their client environments and scanning for exploitation, this provides a chance for them to step in and be more actively involved in the cybersecurity community.<\/p>\n

This is a perfect time for a tabletop exercise.\u00a0Every MSP\u00a0should\u00a0look at each of\u00a0the\u00a0vulnerable and vital applications\u00a0they\u00a0run\u00a0and\u00a0see\u00a0what\u00a0the\u00a0response was from\u00a0each of those\u00a0companies.\u00a0How did they\u00a0respond?\u00a0Did they push out a response?\u00a0Did their response help address your questions and your fears?<\/p>\n

Another thing MSPs\u00a0should\u00a0do is start digging into\u00a0the\u00a0assessment\u00a0capabilities of\u00a0their\u00a0own tool set.\u00a0Find out\u00a0if you\u00a0have the\u00a0ability\u00a0to\u00a0look back into your\u00a0history and\u00a0ask,\u00a0“Did anybody inject something that matches this syntax?”\u00a0If you can’t do that,\u00a0take\u00a0it\u00a0as a sign that you need to increase your capabilities.<\/p>\n

This is a terrific opportunity for MSPs to take a greater role in the channel, to pull a seat up to the table, to be part of the conversation. MSPs have just as much skin in the game and can be a perfect resource for helping shape the future of the channel.<\/p>\n

Defining the Legacy of\u00a0Log4Shell<\/h2>\n

In no way is this the first cyber risk we’ve faced this year. It’s actually been a fairly average year with just under 50,000 CVSS disclosed software security risks. Log4Shell just happens to be a security risk with the potential to touch almost every aspect of people’s business and personal lives.<\/p>\n

While we\u00a0won’t\u00a0know the\u00a0full effect of the Log4Shell exploit for\u00a0quite a\u00a0while\u00a0(if ever),\u00a0we can and should use this experience as an opportunity to\u00a0examine our actions, both as individual providers and\u00a0collectively\u00a0as a\u00a0channel. This could be a watershed moment where we embrace the wins, learn from the fails,\u00a0and build a stronger, more sustainable channel of the future.<\/p>\n

Dive deeper with the Pax8 team<\/h2>\n

Check out the recording of the December 13 livestream during which our own Dominic Kirby, Matt Lee and Ryan Cromar discuss some of the technical aspects of Log4Shell, what it means for the cyber world, and how the channel responded.<\/span><\/p>\n

Watch the video<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Turning\u00a0our focus to\u00a0the industry’s response. It was the shot heard\u00a0’round the\u00a0cyber world. Flashback to Friday, December 10.\u00a0Most of us were just waking up\u00a0and\u00a0looking forward to that first sip of coffee.\u00a0Instead,\u00a0we were served a huge cup of WTF reality.\u00a0The\u00a0CVE-2021-44228 vulnerability \u2014 a.k.a. Log4Shell \u2014 was disclosed, and the cyber world exploded. This was an entirely new […]<\/p>\n","protected":false},"author":141,"featured_media":332,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[5],"tags":[],"class_list":["post-1456","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"acf":[],"yoast_head":"\nLessons learned\u00a0from\u00a0the first days of Log4Shell - Pax8 Blog<\/title>\n<meta name=\"description\" content=\"One week after the Log4Shell exploit, let\u2019s look at what we can learn as a channel from our initial response.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Lessons learned\u00a0from\u00a0the first days of Log4Shell - Pax8 Blog\" \/>\n<meta property=\"og:description\" content=\"One week after the Log4Shell exploit, let\u2019s look at what we can learn as a channel from our initial response.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/\" \/>\n<meta property=\"og:site_name\" content=\"Pax8 Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-17T22:31:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-17T14:57:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pax8.com\/blog\/wp-content\/uploads\/sites\/13\/2023\/03\/Log4Shell_Blog.png\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"314\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"narnold\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"narnold\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/\"},\"author\":{\"name\":\"narnold\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#\\\/schema\\\/person\\\/4f1f5ecebcf730cc2be7b763a310a63c\"},\"headline\":\"Lessons learned\u00a0from\u00a0the first days of Log4Shell\",\"datePublished\":\"2021-12-17T22:31:00+00:00\",\"dateModified\":\"2023-05-17T14:57:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/\"},\"wordCount\":1519,\"publisher\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/13\\\/2023\\\/03\\\/Log4Shell_Blog.png\",\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/\",\"url\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/\",\"name\":\"Lessons learned\u00a0from\u00a0the first days of Log4Shell - Pax8 Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/13\\\/2023\\\/03\\\/Log4Shell_Blog.png\",\"datePublished\":\"2021-12-17T22:31:00+00:00\",\"dateModified\":\"2023-05-17T14:57:25+00:00\",\"description\":\"One week after the Log4Shell exploit, let\u2019s look at what we can learn as a channel from our initial response.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/13\\\/2023\\\/03\\\/Log4Shell_Blog.png\",\"contentUrl\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/13\\\/2023\\\/03\\\/Log4Shell_Blog.png\",\"width\":600,\"height\":314},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/log4shell-exploit\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Lessons learned\u00a0from\u00a0the first days of Log4Shell\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/\",\"name\":\"Pax8 Blog\",\"description\":\"Where IT pros go to keep up with the cloud\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#organization\",\"name\":\"Pax8 Blog\",\"url\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/13\\\/2023\\\/03\\\/pax8-logo-white-blog-300x300-1.png\",\"contentUrl\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/wp-content\\\/uploads\\\/sites\\\/13\\\/2023\\\/03\\\/pax8-logo-white-blog-300x300-1.png\",\"width\":300,\"height\":300,\"caption\":\"Pax8 Blog\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/#\\\/schema\\\/person\\\/4f1f5ecebcf730cc2be7b763a310a63c\",\"name\":\"narnold\",\"url\":\"https:\\\/\\\/www.pax8.com\\\/blog\\\/author\\\/narnold\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Lessons learned\u00a0from\u00a0the first days of Log4Shell - Pax8 Blog","description":"One week after the Log4Shell exploit, let\u2019s look at what we can learn as a channel from our initial response.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/","og_locale":"en_US","og_type":"article","og_title":"Lessons learned\u00a0from\u00a0the first days of Log4Shell - Pax8 Blog","og_description":"One week after the Log4Shell exploit, let\u2019s look at what we can learn as a channel from our initial response.","og_url":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/","og_site_name":"Pax8 Blog","article_published_time":"2021-12-17T22:31:00+00:00","article_modified_time":"2023-05-17T14:57:25+00:00","og_image":[{"width":600,"height":314,"url":"https:\/\/www.pax8.com\/blog\/wp-content\/uploads\/sites\/13\/2023\/03\/Log4Shell_Blog.png","type":"image\/png"}],"author":"narnold","twitter_card":"summary_large_image","twitter_misc":{"Written by":"narnold","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/#article","isPartOf":{"@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/"},"author":{"name":"narnold","@id":"https:\/\/www.pax8.com\/blog\/#\/schema\/person\/4f1f5ecebcf730cc2be7b763a310a63c"},"headline":"Lessons learned\u00a0from\u00a0the first days of Log4Shell","datePublished":"2021-12-17T22:31:00+00:00","dateModified":"2023-05-17T14:57:25+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/"},"wordCount":1519,"publisher":{"@id":"https:\/\/www.pax8.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pax8.com\/blog\/wp-content\/uploads\/sites\/13\/2023\/03\/Log4Shell_Blog.png","articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/","url":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/","name":"Lessons learned\u00a0from\u00a0the first days of Log4Shell - Pax8 Blog","isPartOf":{"@id":"https:\/\/www.pax8.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/#primaryimage"},"image":{"@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pax8.com\/blog\/wp-content\/uploads\/sites\/13\/2023\/03\/Log4Shell_Blog.png","datePublished":"2021-12-17T22:31:00+00:00","dateModified":"2023-05-17T14:57:25+00:00","description":"One week after the Log4Shell exploit, let\u2019s look at what we can learn as a channel from our initial response.","breadcrumb":{"@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pax8.com\/blog\/log4shell-exploit\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/#primaryimage","url":"https:\/\/www.pax8.com\/blog\/wp-content\/uploads\/sites\/13\/2023\/03\/Log4Shell_Blog.png","contentUrl":"https:\/\/www.pax8.com\/blog\/wp-content\/uploads\/sites\/13\/2023\/03\/Log4Shell_Blog.png","width":600,"height":314},{"@type":"BreadcrumbList","@id":"https:\/\/www.pax8.com\/blog\/log4shell-exploit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pax8.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Lessons learned\u00a0from\u00a0the first days of Log4Shell"}]},{"@type":"WebSite","@id":"https:\/\/www.pax8.com\/blog\/#website","url":"https:\/\/www.pax8.com\/blog\/","name":"Pax8 Blog","description":"Where IT pros go to keep up with the cloud","publisher":{"@id":"https:\/\/www.pax8.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pax8.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pax8.com\/blog\/#organization","name":"Pax8 Blog","url":"https:\/\/www.pax8.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pax8.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.pax8.com\/blog\/wp-content\/uploads\/sites\/13\/2023\/03\/pax8-logo-white-blog-300x300-1.png","contentUrl":"https:\/\/www.pax8.com\/blog\/wp-content\/uploads\/sites\/13\/2023\/03\/pax8-logo-white-blog-300x300-1.png","width":300,"height":300,"caption":"Pax8 Blog"},"image":{"@id":"https:\/\/www.pax8.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.pax8.com\/blog\/#\/schema\/person\/4f1f5ecebcf730cc2be7b763a310a63c","name":"narnold","url":"https:\/\/www.pax8.com\/blog\/author\/narnold\/"}]}},"_links":{"self":[{"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/posts\/1456","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/users\/141"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/comments?post=1456"}],"version-history":[{"count":0,"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/posts\/1456\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/media\/332"}],"wp:attachment":[{"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/media?parent=1456"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/categories?post=1456"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pax8.com\/blog\/wp-json\/wp\/v2\/tags?post=1456"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}