"Log4j vulnerability exploit aka Log4Shell IP IOC involving one user"

Zenzele Mdakane 20 Reputation points
2025-04-15T17:19:19.45+00:00

Hi, how do we go about resolving this? (The detection rule "Log4j vulnerability exploit aka Log4Shell IP IOC involving one user" in Microsoft Sentinel identifies potential exploitation attempts of the Log4Shell vulnerability (CVE-2021-44228) by monitoring for indicators of compromise (IOCs) associated with a specific user account.) Suspicious IP address: 185.220.101.25. Will blocking the IP address, running a full AV scan, and requesting the user to change their password be the solution, or what?

Microsoft Security Microsoft Sentinel

Accepted answer
  1. Clive Watson 7,866 Reputation points MVP Volunteer Moderator
    2025-04-16T09:21:05.8566667+00:00
