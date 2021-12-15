



The Apache Log4j library is a Java-based logging tool that is widely used in enterprise applications. A vulnerability first reported on December 9th, called Log4Shell, allows an attacker to hijack a server by simply sending a specific code string through the affected application.

Since then, security researchers have reported a wave of massive attacks.

For example, Check Point alone reportedly blocked 1.3 million attempts against 44% of all global networks as of December 14.

Hackers have also exploited this vulnerability to steal data, deploy ransomware, install backdoors, create botnets, mine cryptocurrencies, and perform other illegal activities. As a result, the number of attacks has increased dramatically.

This vulnerability is extremely dangerous due to its large scale, “said Allie Mellen, an analyst at Forrester Research.

According to Mellen, Java is used on over 3 billion devices, many of which use Log4j.

“This vulnerability is used for months (if not years) to attack businesses,” she added.

“It’s no exaggeration to say that all enterprise organizations use Java,” said Dor Dali, director of information security at Vulcan Cyber. “And Log4j is one of Java’s most popular logging platforms. If you connect the dots, the impact of this vulnerability can be significant.”

According to Brian Fox, CTO of cybersecurity vendor Sonatype, the vulnerable version of Log4j has been downloaded 29 million times in the last four months and is also a component of nearly 7,000 other open source projects.

“It’s even a component of the Ingenuity helicopter on board the Mars rover,” he told Data Center Knowledge.

According to Sonatype data, as of this Monday, a new patched version of Log4j is available, but 65% of all current downloads are from the old vulnerable version.

Cybersecurity vendor Wiz has discovered that over 89% of all environments have vulnerable Log4j libraries.

“And for many of them, the development team is convinced that the exposure is zero and is surprised to find that some third-party components are actually built using Java,” Wiz said. Ami Luttwak, founder and CTO of fo, said.

Wiz is a $ 6 billion cloud security startup that discovered a vulnerability in Microsoft Cosmos DB earlier this year. According to the company, Log4j has doubled its usage.

Etay Maor, a professor of cybersecurity at Boston University and senior director of security strategy at Cato, said:

To make matters worse, many applications that use this library are not actively maintained and patches may not be readily available.

Chris Wysopal, CTO and co-founder of cybersecurity vendor CAVeracode, said: “The way Log4j interprets data is to have a nested parser. You can embed elements inside elements and nested strings. The only way to truly fix this vulnerability is to fix this vulnerability. Is to update the libraries used by the application. “

Even if a particular application does not use Log4j, it can still use the surrounding infrastructure, such as application servers, message queue servers, database servers, and network devices, he said.

There is good reason why Log4Shell, officially known as CVE-2021-44228, is rated 10 out of 10 in severity.

The vulnerability could allow an attacker to execute malicious software by allowing Log4j to write specially crafted log entries, explained Casey Ellis, CEO of cybersecurity company Bugcrowd.

“Because logging is design flexible, this vulnerability has almost endless potential paths to exploit,” he said.

Even cyber security applications can be vulnerable. Vulnerable Log4j code has been found in products such as CyberArk, ForgeRock, Okta, Ping Identity, Fortinet, SonicWall, and Sophos. This code is also included in the products of Cisco, IBM, VMware, and many other enterprise technology vendors.

All vendors are competing with time to patch and mitigate their products.

“This vulnerability poses a serious risk,” Jen Eastary, director of cybersecurity and infrastructure security agencies, said in a statement released Saturday.

CISA identifies the external devices on which Log4j is installed, ensures that the Security Operations Center responds to all alerts received from those devices, and installs the web application firewall with the appropriate rules. It is recommended to do.

The agency has also released vulnerability guidance to help vendors and businesses respond to threats.

It didn’t help to be published shortly after the vulnerability was discovered. Vulnerabilities are usually pre-disclosed to affected vendors, giving attackers an opportunity to patch critical systems before they know about it. Patches are usually slow for some companies, and there is still a gap for attackers to use them. But this time, the gap is universal. While the attackers spend their hands-on days, all vendors are scrambling to deploy the fix.

Impact on data center

“Data center administrators need to know that servers are almost certainly under attack today,” said Jeff Williams, CTO and co-founder of Contrast Security. “Attackers are targeting almost everything in an attempt to exploit this vulnerability.”

Log4j is commonly used not only in VMware products, but also in Jamf Pro and many other applications, said David Wolfoff, CTO and co-founder of cybersecurity firm Randori.

“Data center administrators need to know that Log4j may be used in many management applications,” he told Data Center Knowledge.

He recommends that data centers enable default denial for as many critical external applications as possible.

“By limiting outbound connections, we can reduce the risk that vulnerabilities like Log4j will affect our system in the future,” he said. “Randori’s customers who performed this action were not disproportionately affected by Log4jCVE, even though they had vulnerable applications on their system.”

But it’s not just borderline applications that are potentially vulnerable, says Michael Clark, director of threat investigations at Sysdig.

“For example, you can patch a web server, but you also need to patch every system that processes user data from there,” he told Data Center Knowledge. “Otherwise, exploits can occur further down the workflow of the processing app.”

Sources 1/ https://Google.com/ 2/ https://www.datacenterknowledge.com/security/enterprises-see-exponential-growth-log4jshell-attacks The mention sources can contact us to remove/changing this article

What Are The Main Benefits Of Comparing Car Insurance Quotes Online

LOS ANGELES, CA / ACCESSWIRE / June 24, 2020, / Compare-autoinsurance.Org has launched a new blog post that presents the main benefits of comparing multiple car insurance quotes. For more info and free online quotes, please visit https://compare-autoinsurance.Org/the-advantages-of-comparing-prices-with-car-insurance-quotes-online/ The modern society has numerous technological advantages. One important advantage is the speed at which information is sent and received. With the help of the internet, the shopping habits of many persons have drastically changed. The car insurance industry hasn't remained untouched by these changes. On the internet, drivers can compare insurance prices and find out which sellers have the best offers. View photos The advantages of comparing online car insurance quotes are the following: Online quotes can be obtained from anywhere and at any time. Unlike physical insurance agencies, websites don't have a specific schedule and they are available at any time. Drivers that have busy working schedules, can compare quotes from anywhere and at any time, even at midnight. Multiple choices. Almost all insurance providers, no matter if they are well-known brands or just local insurers, have an online presence. Online quotes will allow policyholders the chance to discover multiple insurance companies and check their prices. Drivers are no longer required to get quotes from just a few known insurance companies. Also, local and regional insurers can provide lower insurance rates for the same services. Accurate insurance estimates. Online quotes can only be accurate if the customers provide accurate and real info about their car models and driving history. Lying about past driving incidents can make the price estimates to be lower, but when dealing with an insurance company lying to them is useless. Usually, insurance companies will do research about a potential customer before granting him coverage. Online quotes can be sorted easily. Although drivers are recommended to not choose a policy just based on its price, drivers can easily sort quotes by insurance price. Using brokerage websites will allow drivers to get quotes from multiple insurers, thus making the comparison faster and easier. For additional info, money-saving tips, and free car insurance quotes, visit https://compare-autoinsurance.Org/ Compare-autoinsurance.Org is an online provider of life, home, health, and auto insurance quotes. This website is unique because it does not simply stick to one kind of insurance provider, but brings the clients the best deals from many different online insurance carriers. In this way, clients have access to offers from multiple carriers all in one place: this website. On this site, customers have access to quotes for insurance plans from various agencies, such as local or nationwide agencies, brand names insurance companies, etc. "Online quotes can easily help drivers obtain better car insurance deals. All they have to do is to complete an online form with accurate and real info, then compare prices", said Russell Rabichev, Marketing Director of Internet Marketing Company. CONTACT: Company Name: Internet Marketing CompanyPerson for contact Name: Gurgu CPhone Number: (818) 359-3898Email: [email protected]: https://compare-autoinsurance.Org/ SOURCE: Compare-autoinsurance.Org View source version on accesswire.Com:https://www.Accesswire.Com/595055/What-Are-The-Main-Benefits-Of-Comparing-Car-Insurance-Quotes-Online View photos