Defending Against Log4j Vulnerabilities

In December 2021, a vulnerability in the open source Log4j logging service, used by developers to monitor their Java applications, first came to light, leaving many enterprises scrambling to patch affected systems.

Analysis from Microsoft has revealed details of a security flaw in SolarWinds Serv-U software, which was being exploited by malicious actors to launch attacks leveraging the Log4j bugs to compromise targets. 

Consequently, there remains a strong possibility that criminal hackers can avoid detection by staying hidden inside networks, waiting for the right moment to strike, as with the highly damaging and widespread SolarWinds exploit. In particular, the risk of concealed Log4j vulnerabilities means that effective measures are required to reduce the frequency of disruptive events and to control the degree to which they cause damage.

Up-to-date technology and cyber security tools both play a valuable role in protecting an organisation. However, management needs to look at the defensive controls it has in place if it wants to strengthen its cyber security and prepare for other similar persistent vulnerabilities.

Important Steps To Improve Security

Diverse Teams: Women and minority groups are heavily under-represented in the field, and that needs to change, not only to help relieve the skills shortage but also to create higher-performing teams.

Outsourcing: The skills gap in cyber security has been discussed for years, but unfortunately it is only becoming more acute, and current predictions say there will be 3.5 million unfilled cyber security jobs by the end of 2021. Consider bringing on a managed service provider to help bolster your team.

Training: The most critical skills you need to train for are incident response and crisis management. Every employee must be vigilant and play an active role in ensuring a more secure enterprise. Provide employee cyber education training, and do not turn a blind eye to other weak links in the chain.

Technology: There is a wide range of innovative work and cyber security tools being developed that help businesses protect their infrastructure, assets, employees, and customers. But technology is not sufficient by itself: building a proactive, effective cyber security mindset among employees is equally important.

Open Source Software: Organisations should understand the extent to which they rely on open source software and tools, and test them before running them in any production environment.

If there is no change to the software installed on the server, it is not necessary to run Log4j scanners to detect the presence of Log4j. However, vulnerability assessment scans should be conducted periodically as part of any vulnerability management process.
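
One way to put this into practice, shown as an added example that is not part of the original article: fingerprint the Java archives on a server and rescan only when that fingerprint changes. The scan reports every archive, including nested ones, that still carries the log4j-core JndiLookup class. The function names, the extension list and the demo archive are assumptions made for illustration.

```python
import hashlib, io, os, zipfile
from pathlib import Path

JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVE_EXT = (".jar", ".war", ".ear")  # assumed set of archive types to inspect

def archives(root):
    """Yield (relative path, bytes) for each Java archive under root, in stable order."""
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in ARCHIVE_EXT:
            yield path.relative_to(root).as_posix(), path.read_bytes()

def scan_archive(data, label):
    """Return [(location, version)] for each log4j-core copy, descending into nested archives."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []  # not a readable archive; nothing to report
    hits = []
    with zf:
        names = zf.namelist()
        if JNDI_CLASS in names:  # marker class for a log4j-core copy
            props = zf.read(POM_PROPS).decode("utf-8", "replace") if POM_PROPS in names else ""
            version = next((ln[8:].strip() for ln in props.splitlines() if ln.startswith("version=")), "unknown")
            hits.append((label, version))
        for name in names:
            if name.lower().endswith(ARCHIVE_EXT):
                hits += scan_archive(zf.read(name), label + "!/" + name)
    return hits

def scan_if_changed(root, last_digest=None):
    """Return (digest, hits); hits is None when the archive inventory matches last_digest."""
    h = hashlib.sha256()
    for rel, data in archives(root):
        h.update(rel.encode() + b"\0" + hashlib.sha256(data).digest())
    digest = h.hexdigest()
    if digest == last_digest:
        return digest, None  # software unchanged since the last scan
    return digest, [hit for rel, data in archives(root) for hit in scan_archive(data, rel)]

def make_demo_tree(root):
    """Constructed sample: a WAR bundling a stand-in jar (not a real Log4j build)."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr(JNDI_CLASS, b"")
        z.writestr(POM_PROPS, "version=0.0.0-demo\n")
    with zipfile.ZipFile(os.path.join(root, "app.war"), "w") as z:
        z.writestr("WEB-INF/lib/log4j-core-demo.jar", inner.getvalue())
```

Store the returned digest between runs. The periodic vulnerability assessment scans mentioned above remain necessary, because a library that has not changed can still be affected by a newly disclosed flaw.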


Sources: Microsoft, Arent Fox, Computing, VentureBeat, Flipboard, Computer Weekly, Politico, Security Boulevard
