Initially, the company deployed version 2.15.0 to mitigate the bug, but that version was itself flawed in that it could let someone execute a denial of service attack. Organizations affected by the Log4Shell flaw are urged to upgrade Log4j to version 2.16.0, released by Apache on December 13. SEE: NIST Cybersecurity Framework: A cheat sheet for professionals (free PDF) (TechRepublic) Recommendations for mitigating the Log4j vulnerability In this one, cybercriminals able to exploit the flaw can install a Trojan malware, which downloads an executable file that then installs a cryptominer. One specific attack seen by Check Point hit five victims in finance, banking, and software across the US, Israel, South Korea, Switzerland and Cyprus. Security provider Check Point Software said it has discovered more than 1.2 million attempts to exploit the vulnerability, stretching across 44% of corporate networks around the world. A new ransomware family named Khonsari seems to be targeting Linux servers, according to Bitdefender. Of course, ransomware is never far behind in a flaw like this. Also trying to exploit the Log4Shell flaw has been XMRIG miner, which uses computing resources to mine digital currency without the owner’s knowledge or permission. One botnet spotted by Bitdefender in the attempt is Muhstik, a threat that takes advantage of vulnerabilities in web applications. Specifically, the firm has discovered several attacks trying to exploit the bug with the intent of launching crypto jacking campaigns once server access has been achieved. Fellow security firm Bitdefender said it’s observed real-world attacks on machines outfitted with its endpoint protection product. In a blog post published Tuesday, Cloudflare said that its researchers are currently watching around 1,000 attempts per second actively trying to exploit the flaw. But security researchers are seeing plenty of attempts. No actual breaches have officially been announced yet, according to security provider Cloudflare. And with attackers already scanning the internet to find vulnerable targets, if organizations haven’t already started taking mitigation steps then it may already be too late.” “Log4j is used by thousands of applications, libraries, and frameworks, meaning the number of potentially impacted organizations is staggering. “It’s safe to say this vulnerability will have, and already is having, a massive effect on the industry,” said Dan Piazza, technical product manager for Netwrix. If successful, an attacker can then gain control of a server to install malware, steal confidential information or mine digital currency. For that reason, hackers are hungrily looking for unpatched systems that they compromise. And though Apache has released an updated and patched version of the tool, affected users may not be able to upgrade quickly enough. Since Java is such a ubiquitous programming language, the flaw impacts a huge number of applications, systems and servers.ĭesignated as CVE-2021-44228 by The National Institute of Standards and Technology (NIST), the bug also is easy to exploit, requiring little or no programming skills. Revealed last week but reported to Apache in November, Log4Shell is a zero-day vulnerability in the company’s Log4J utility, which is used by developers and organizations around the world to log requests and error messages for Java applications. Top 10 open-source security and operational risks of 2023Īs a cybersecurity blade, ChatGPT can cut both waysĬloud security, hampered by proliferation of tools, has a “forest for trees” problemĮlectronic data retention policy (TechRepublic Premium) SEE: Patch management policy (TechRepublic Premium) Must-read security coverage Fortunately, there are steps you can take to make sure your own systems are protected. The Log4j security vulnerability known as Log4Shell is shaping up to be one of the worst security flaws of the year, potentially affecting millions of applications and painting a bullseye on unpatched systems that hackers can compromise and control. Log4j: How to protect yourself from this security vulnerabilityĪs cybercriminals scan for susceptible servers, there are steps you can take to mitigate the Log4j critical vulnerability.
0 Comments
Leave a Reply. |