Defending Against Log4j Vulnerabilities

Uploaded on 2022-01-25 in TECHNOLOGY--Resilience, FREE TO VIEW

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light and many leaving enterprises scrambling to patch affected systems.

Analysis from Microsoft has revealed details of a security flaw in SolarWinds Serv-U software, which was being exploited by malicious actors to launch attacks leveraging the Log4j bugs to compromise targets. 

Consequently, there remains a strong possibility that criminal hackers can avoid detection by staying hidden inside networks, waiting for the right moment to strike, as with the highly damaging and widespread SolarWinds exploit.  In particular, the risk of concealed Log4j vulnerabilities means that effective measures are required to reduce the frequency of disruptive events and to control the degree to which they cause damage.

Using up to date technology and cyber security tools both play a valuable role in protecting an organisation, however, management need to look at the defensive controls they have in place if they want to strengthen their cyber security and prepare for other similar persistent vulnerabilities.

Important Steps To Improve  Security

Diverse Teams:   Women and minority groups are heavily under-represented in the field, and that needs to change not only to help relieve the skills shortage but also to create higher performing teams

Outsourcing:   The skills gap in cyber security has been discussed for years, but unfortunately, it’s only becoming more acute and current predictions say there will be 3.5 million unfilled cyber security jobs by the end of 2021. Consider bringing on a managed service provider to help bolster your team. 

Training:   The most critical skills you need to train for are incident response and crisis management. Every  employee must be vigilant and play an active role in ensuring a more secure enterprise. Provide employee cyber education training, and not turn a blind eye to other weak links in the chain. 

Technology:    There is a wide range of innovative work and cyber security tolls being developed that help businesses protect their infrastructure, assets, employees, and customers. But technology is not sufficient by itself -  building proactive, effective cyber security mindset among employees is equally important. 

Open Source Software:   Organisations should understand the extent to which they rely on open source software and tools and test them before running them on any production environment. 

If there is no change to the software installed on the server, it is not necessary to run Log4j scanners to detect the presence of Log4j. However, vulnerability assessment scans should be conducted periodically as part of any vulnerability management process.

For Advice and Recommendations on Employee Cyber Security Training please Contact: Cyber Security Intelligence. 

Microsoft:    Arent Fox:   Computing:    Venturebeat:     Flilboard:     Computer Weekly:   

Politico:     Security Boulevard

You Might Also Read: 

Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution:

 

« Auto-Redirects: A Harmful Detour
Ransomware Attack On Moncler »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

QTS

QTS

QTS Realty Trust, Inc. is a leading provider of secure, compliant data center, hybrid cloud and managed services.

SonicWall

SonicWall

SonicWall provide products for network security, access security, email security & encryption.

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

VNCERT

VNCERT

VNCERT is the national Computer Emergency Response Team for Vietnam.

Digital Hands

Digital Hands

Digital Hands is an award-winning managed security services provider.

Intensity Analytics

Intensity Analytics

Intensity Analytics is a software firm that develops next-generation, physical user and entity behavioral authentication ("physical UEBA") security software technology.

National Cyber Security Centre (NCSC) - New Zealand

National Cyber Security Centre (NCSC) - New Zealand

The role of the NCSC is to help New Zealand’s most significant public and private sector organisations to protect their information systems from advanced cyber-borne threats.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

MythX

MythX

MythX is the premier security analysis service for Ethereum smart contracts.

Highland Capital Partners

Highland Capital Partners

Highland Capital Partners is an early stage venture capital firm focused on category-defining businesses in consumer and enterprise technology, including cybersecurity.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

Loki Labs

Loki Labs

Loki Labs provides expert cyber security solutions and services, including vulnerability assessments & penetration testing, emergency incident response, and managed security.

ReasonLabs

ReasonLabs

ReasonLabs have created a next-generation anti-virus that is enterprise grade, yet accessible to any personal device around the world.

Symptai Consulting

Symptai Consulting

Symptai Consulting is a leading Cyber Security, Digital Transformation and Anti-Money Laundering firm serving the Caribbean and the wider world.

Venari Security

Venari Security

Venari is an award-winning cybersecurity SaaS provider that has developed an ETA (Encrypted Traffic Analysis) platform which fundamentally changes the way encrypted traffic is analysed.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.