| [1] | Verizon (2021) 2021 Data Breach Investigations Report. https://www.verizon.com/business/resources/reports/dbir/
|
| [2] | Mordor Intelligence (2021) Hybrid Cloud Market, In-dustry Share, Size, Growth Mordor Intelligence.
|
| [3] | Casey, K. (2020) Hybrid Cloud by the Numbers, 2020: 10 Stats to See. https://enterprisersproject.com/article/2020/7/hybrid-cloud-10-statistics
|
| [4] | Firewall, C.X. (2021) Configuring Site to Site IPSec VPN Tunnel between Cisco Routers.
https://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers
/867-cisco-router-site-to-site-ipsec-vpn.html
|
| [5] | Cisco Networking Academy (2014) Hierarchical Network Design Overview (1.1)>Cisco Networking Academy Connecting Net-works Companion Guide: Hierarchical Network De-sign.https://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4
|
| [6] | Dell Technologies (2021) PowerEdge FX Series—Enterprise Servers.
https://www.delltechnologies.com/en-us/servers/modular-
infrastructure/poweredge-fx/index.htm
|
| [7] | Dignan, L. (2021) Top Cloud Providers in 2021: AWS, Microsoft Azure, and Google Cloud, Hybrid, SaaS Players. https://www.zdnet.com/article/the-top-cloud-providers-of-2021-aws-microsoft-azure-google-cloud-hybrid-saas/
|
| [8] | AWS (2017) AWS Identity & Access Management. Amazon Web Services, Inc. https://aws.amazon.com/iam/
|
| [9] | AWS (2017) AWS Transit Gateway—Amazon Web Services. Amazon Web Services, Inc. https://aws.amazon.com/transit-gateway/
|
| [10] | AWS (2018) Amazon CloudWatch—Application and Infrastructure Moni-toring. Amazon Web Services, Inc. https://aws.amazon.com/cloudwatch/
|
| [11] | Robinson, T. (2021) Apache Log4j Threat-ens, Well, Everything. Security Boulevard.
https://securityboulevard.com/2021/12/apache-log4j-threatens-well-everything/
|
| [12] | Mcwhirt, M. and Hultquist, J. (2021) Log4Shell Initial Exploitation and Mitigation Recommendations. Mandiant. https://www.mandiant.com/resources/log4shell-recommendations
|
| [13] | Yan, T., et al. (2021) Apache Log4j Vulnerability CVE-2021-44228: Analysis and Mitigations. Unit42, 10-Dec-2021. https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/
|
| [14] | Cisco Systems (2021) Cisco Secu-rity Advisory: Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021. Cisco, 10-Dec-2021. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEb
|
| [15] | YfryTchsGD (2022) Log4jAttackSurface. https://github.com/YfryTchsGD/Log4jAttackSurface
|
| [16] | MITRE (2021) CVE-CVE-2021-44228. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
|
| [17] | NIST (2021) NVD-CVE-2021-44228. https://nvd.nist.gov/vuln/detail/CVE-2021-44228
|
| [18] | NIST (2021) NVD-CVE-2021-45046. https://nvd.nist.gov/vuln/detail/CVE-2021-45046
|
| [19] | Leonjza (2021) Apache Log4j2 2.14.1—Information Disclosure. Exploit Database, 14-Dec-2021. https://www.exploit-db.com/exploits/50590
|
| [20] | Mandiant (2021) Report—Mandiant Advantage. https://advantage.mandiant.com/reports/21-00026146
|
| [21] | APWG (2021) Phishing Activity Trend Report APWG ORG 2021. https://docs.apwg.org/reports/apwg_trends_report_q2_2021.pdf
|
| [22] | Uehara, K., Mukaiyama, K., Fu-jita, M., Nishikawa, H., Yamamoto, T., Kawauchi, K., et al. (2020) Basic Study on Targeted E-Mail Attack Method Using OSINT. In: Advances in Intelligent Systems and Computing, Springer, 1329-1341. https://doi.org/10.1007/978-3-030-15032-7_111
|
| [23] | Microsoft (2021) Widespread Credential Phishing Campaign Abuses Open Redirector Links. Microsoft Security Blog, 26-Aug-2021.
https://www.microsoft.com/security/blog/2021/08/26/widespread-
credential-phishing-campaign-abuses-open-redirector-links/
|
| [24] | Terranova Security (2021) 2020 Phishing Benchmark Global Report. https://terranovasecurity.com/wp-content/uploads/2021/01/GPT-2020-Report-EN-1.pdf
|
| [25] | Proofpoint (2021) 2021 State of the Phish, an In-Depth Look at User Awareness, Vulnerability and Resilience.
|
| [26] | Ponemon Institute (2021) The 2021 Cost of Phishing Study. https://www.proofpoint.com/sites/default/files/analyst-reports/pfpt-us-ar-ponemon-2021-cost-of-phishing-study.pdf
|
| [27] | Center for Internet Security (2021) CIS Critical Security Controls® v8 CIS Critical Security Controls. CIS, May 2021.
|
| [28] | Wortley, F., Thompson, C. and Allison, F. (2021) Guide: How to Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228 & CVE-2021-45046). https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide/
|
| [29] | Fox-It (2021) Log4j-Finder. GitHub. https://github.com/fox-it/log4j-finder
|
| [30] | Gabor, G. and Bluehs, A. (2021) CVE-2021-44228—Log4j RCE 0-Day Mitigation. The Cloudflare Blog. http://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/
|
| [31] | Market Screener (2021) Cisco: Protecting against Log4j with Secure Firewall & Secure IPS. Market Screener.
https://www.marketscreener.com/quote/stock/CISCO-SYSTEMS-INC-4862/news
/Cisco-Protecting-against-Log4j-with-Secure-Firewall-Secure-IPS-37309859/
|
| [32] | Manraj, B. (2021) Exploiting Log4j. Apache Solr, Cyber Secure. https://www.manrajbansal.com/post/exploiting-log4j-apache-solr
|
| [33] | Tracy, M., Jansen, W., Scarfone, K. and Butterfield, J. (2007) Guidelines on Electronic Mail Security. Information Technology Laboratory Computer Security Resource Cen-ter.
|
