8/17/2023 0 Comments Nimble storage log4j![]() As you assess your own risk and threat model, please consider the components of the software you use and especially what may be publicly accessible.” “In this scenario, unfortunately, the vendors themselves will need to push the security updates downstream. “The Log4j package may be bundled in with software you use provided by any given vendor,” Hammond wrote in a blog post Friday. As a result, Hammond said hackers are taking a spray-and-play approach to wreaking havoc. The Log4j attack vector is extremely trivial for adversaries, Huntress’ Hammond warned, with a single string of text capable of triggering an application to begin a process that eventually grants an adversary the opportunity to run any code they would like on the target. ![]() Everything from the new printer you’ve bought for the office to the ticketing system you’ve just deployed is potentially affected by this flaw.” “It affects not only the code you build, but also the third-party systems you have in place. “We’re discovering new apps every minute which use Log4j in one way or another,” Deraison wrote in his blog post Monday. We urge all organizations to join us in this essential effort and take action.”ĬISA urged end users to: upgrade to Log4j version 2.15.0 identify any external facing devices that have Log4j installed ensure their Security Operations Center (SOC) is taking action on every single alert from devices with Log4j installed and install a web application firewall (WAF) with automatically updating rules so that the SOC can focus on fewer alerts. ![]() “We will only minimize potential impacts through collaborative efforts between government and the private sector. “This vulnerability poses a severe risk,” CISA Director Jen Easterly said in a statement Saturday. CISA said it’s proactively reaching out to entities whose networks may be vulnerable and is leveraging its scanning and intrusion detection tools to help identity exposure or exploitation. Cybersecurity and Infrastructure Security Agency (CISA) on Saturday urged vendors to immediately identify, mitigate, and patch the wide array of products using software from the Log4j library. “Similarly, the early exploitation of Log4j, during which attackers will go after the low-hanging fruit exposed by the vulnerability, will evolve over time to take the form of more complex attacks on more sensitive systems that have less exposure to the internet.” “Ten years ago, an earthquake and subsequent tidal wave triggered the meltdown of the Fukushima nuclear power plant that continues to plague the region today,” Deraison wrote in a blog post Monday. ![]() Remote code execution exploits like these are innately dangerous since hackers can carry out an attack with a single line of text, he said. The ubiquity of the Java logging package Log4j in software used by everyone from Apache and Apple to Minecraft and Twitter gives threat actors an enormous attack surface to cause widespread global disruption, Huntress Senior Security Researcher John Hammond said. Businesses around the world will spend years dealing with the repercussions from critical vulnerabilities discovered in Apache Log4j, Tenable Co-Founder and CTO Renaud Deraison predicted.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |