<feed xmlns="http://www.w3.org/2005/Atom"> <id>https://vicenteherrera.com/blog/</id><title>The Vlog</title><subtitle>Vicente Herrera personal blog.</subtitle> <updated>2023-11-06T18:36:04+01:00</updated> <author> <name>Vicente Herrera</name> <uri>https://vicenteherrera.com/blog/</uri> </author><link rel="self" type="application/atom+xml" href="https://vicenteherrera.com/blog/feed.xml"/><link rel="alternate" type="text/html" hreflang="en" href="https://vicenteherrera.com/blog/"/> <generator uri="https://jekyllrb.com/" version="4.3.2">Jekyll</generator> <rights> © 2023 Vicente Herrera </rights> <icon>/blog/assets/img/favicons/favicon.ico</icon> <logo>/blog/assets/img/favicons/favicon-96x96.png</logo> <entry><title>Log4j 2 vulnerabilities, part III: Prevention, mitigation and fixing</title><link href="https://vicenteherrera.com/blog/log4j-part-iii/" rel="alternate" type="text/html" title="Log4j 2 vulnerabilities, part III: Prevention, mitigation and fixing" /><published>2023-06-27T23:45:00+02:00</published> <updated>2023-07-14T09:32:59+02:00</updated> <id>https://vicenteherrera.com/blog/log4j-part-iii/</id> <content src="https://vicenteherrera.com/blog/log4j-part-iii/" /> <author> <name>Vicente Herrera</name> </author> <category term="Security" /> <summary> Wow, more than a year without writing anything more, and even leaving a three-part blog post unfinished… So what happened? Well, I started a new job, which requires a lot of focus as the beginning is crucial. All the time I had for starting the blog and writing the first articles was indeed because I already had left the old one and was waiting for the new job. A year of many interesting thin... 
</summary> </entry> <entry><title>Log4j 2 vulnerabilities, part II: Kubernetes POC</title><link href="https://vicenteherrera.com/blog/log4j-part-ii/" rel="alternate" type="text/html" title="Log4j 2 vulnerabilities, part II: Kubernetes POC" /><published>2022-02-01T22:25:00+01:00</published> <updated>2023-07-01T13:16:51+02:00</updated> <id>https://vicenteherrera.com/blog/log4j-part-ii/</id> <content src="https://vicenteherrera.com/blog/log4j-part-ii/" /> <author> <name>Vicente Herrera</name> </author> <category term="Security" /> <summary> Sorry, I couldn’t resist using a photo of a masked man operating several computers in the dark while standing up. It won’t happen again. In this second post about the Log4j 2 vulnerabilities, I will describe the technical details of the remote code execution, as well as present a proof of concept using Kubernetes that is very easy to deploy, safe to run in a test environment, and very useful to te... </summary> </entry> <entry><title>Log4j 2 vulnerabilities, part I: History</title><link href="https://vicenteherrera.com/blog/log4j-part-i/" rel="alternate" type="text/html" title="Log4j 2 vulnerabilities, part I: History" /><published>2021-12-17T17:30:00+01:00</published> <updated>2023-07-01T13:16:51+02:00</updated> <id>https://vicenteherrera.com/blog/log4j-part-i/</id> <content src="https://vicenteherrera.com/blog/log4j-part-i/" /> <author> <name>Vicente Herrera</name> </author> <category term="Security" /> <summary> On the 9th of December 2021, a critical update was published for the popular open source Log4j 2 library because of a vulnerability. The next day it was classified as CVE‑2021‑44228. Some people started calling it “log4shell”, as it made remote code execution attacks very easy. Days later several new vulnerability reports and patches would be published for this and related projects. T... 
</summary> </entry> <entry><title>What is a CVE?</title><link href="https://vicenteherrera.com/blog/what-is-a-cve/" rel="alternate" type="text/html" title="What is a CVE?" /><published>2021-12-06T05:20:00+01:00</published> <updated>2023-06-28T08:15:03+02:00</updated> <id>https://vicenteherrera.com/blog/what-is-a-cve/</id> <content src="https://vicenteherrera.com/blog/what-is-a-cve/" /> <author> <name>Vicente Herrera</name> </author> <category term="Security" /> <summary> You are playing Cyberpunk 2077, and on the introductory mission, you have to steal a car. After first using an electronic tool to open its door, you get inside, and while the hijack takes place, a message appears on the sophisticated onscreen display of the car: RUN:EXPLOIT.CVE-0322.B/055BCCAC9FEC/LOADING That sounds familiar, doesn’t it? You are trying to figure out the numbers written the... </summary> </entry> <entry><title>Introduction to MITRE ATT&amp;CK</title><link href="https://vicenteherrera.com/blog/intro-mitre-attack/" rel="alternate" type="text/html" title="Introduction to MITRE ATT&amp;CK" /><published>2021-11-25T19:34:00+01:00</published> <updated>2022-02-02T18:31:38+01:00</updated> <id>https://vicenteherrera.com/blog/intro-mitre-attack/</id> <content src="https://vicenteherrera.com/blog/intro-mitre-attack/" /> <author> <name>Vicente Herrera</name> </author> <category term="Security" /> <summary> When you start working in cybersecurity, you will surely keep seeing references to things like privilege escalation, lateral movement, or exfiltration, used as categories for security tools, rules, or types of attacks, with mentions of something called MITRE. Then you head to the MITRE ATT&amp;CK website and discover a treasure of useful information. But it is a huge amount of it, and in... </summary> </entry> </feed>
