Log4j Cyber Security Flaw Seriously Concerns Experts

Uploaded on 2021-12-24 in NEWS-Cybersecurity News, FREE TO VIEW

A critical flaw in widely used software has cyber security experts raising alarms and big companies racing to fix the issue. The vulnerability is in Java-based software known as "Log4j" that many large organisations use to configure their applications and it poses potential risks for much of the Internet.

The US Cybersecurity and Infrastructure Security Agency (CISA) has now issued a statement ordering all civilian federal agencies to patch the Log4j vulnerability. 

The Log4j vulnerability is currently being widely exploited by a growing number of threat actors, prompting government officials to take action.

The flaw presents a high threat to companies given its broad use and active exploitation. The issue lies in a commonly used utility that has been incorporated into countless pieces of software because it is open source, meaning anyone can use it. Log4j is principally uses as a tool to log activity for many computer systems. Developed and maintained by a handful of volunteers under the auspices of the open-source Apache Software Foundation, it is extremely popular with commercial software developers. It runs across many platforms, powering everything from webcams to car navigation systems and medical devices, according to the security firm Bitdefender

The flaw in Log4j allows attackers to  seize control of everything from industrial control systems to web servers and consumer electronics. Unless it is fixed, it gives a potential opening to internal networks where cyber criminals can loot valuable data, plant malware, erase crucial information and more. The first obvious signs of the flaw's exploitation appeared in the Microsoft online game Minecraft, when users were able to use it to execute programs on the computers of other users by pasting a short message in a chat box. 

Apache Software Foundation said the Chinese tech giant Alibaba notified it of the flaw on November 24 and the  Foundation rates the risk at 10 out of 10.

CISA is working closely with our public and private sector partners to proactively address a critical vulnerability affecting products containing the log4j software library. "This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use’  according their latest statement.

CISA has added the harmful flaw to its Known Exploited Vulnerabilities Catalog and created a new landing page for all content regarding the vulnerability. CISA is providing insight to organizations via the Joint Cyber Defense Collaborative that includes numerous US  cybersecurity companies. 

  • The US Department of Homeland Security has ordered federal agencies to urgently eliminate the bug because it is so easily exploitable, and telling those with public-facing networks to put up firewalls if they cannot be sure.
  • In Australia, the Australian Cyber Security Centre has issued a critical alert urging organisations to apply the latest patches to address the weakness.

The Director od CISA, Jen Easterly, was reported describing  the flaw "one of the most serious I've seen in my entire career, if not the most serious".

A wide range of critical industries, including electric power, water, food and beverage, manufacturing and transportation, were exposed, according to cyber security firm Dragos and CISA recommends asset owners take some  immediate steps regarding this vulnerability:

  • Enumerate any external facing devices that have log4j installed. 
  • Make sure that your security operations center is actioning every single alert on the devices that fall into the category above.
  • Install a web application firewall (WAF) with rules that automatically update so that your SOC is able to concentrate on fewer alerts.  

CISA's concerns over Log4j highlight the importance of building secure software from the outset and more widespread use of Software Bill of Materials (SBOM), providing end users the transparency they require to know if their products rely on vulnerable software libraries. 

CISA:       Govt. of Australia:        ABC:       Oodaloop:      ZDNet:    CNN:    Indian Express:    CP24:

You Might Also Read: 

Microsoft Will Invest $20Billion In Cyber Security:

 

« Cyber Revolution In The Media & Entertainment Industry
British Plan To Become A ‘Global Cyber Power’ In 2022 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ITrust

ITrust

French cybersecurity pure player since 2007. ITrust offers its Cyber expertise services and develops disruptive products in Cyber/Artificial Intelligence.

Foregenix

Foregenix

Foregenix are global specialists in Digital Forensics and information security including Penetration testing and Website Security.

Progress Flowmon

Progress Flowmon

Progress Flowmon (formerly Flowmon Networks) provide high performance network monitoring technology and behavior analytics to enhance network performance and deal with cyber threats.

Procilon Group

Procilon Group

Procilon Group specialize in the development of cryptographic software as well as strategic advice on information security and data protection.

Redshift Consulting

Redshift Consulting

Redshift is an information management and information security consulting company offering a full range of services from infrastructure design to security assessments and network monitoring.

Procsima Group

Procsima Group

Procsima Group was created to help you achieve good IT management and security excellence.

Norsk Akkreditering

Norsk Akkreditering

Norsk Akkreditering is the national accreditation body for Norway. The directory of members provides details of organisations offering certification services for ISO 27001.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Hut Six Security

Hut Six Security

Train, test and track your Information Security culture through information security awareness training and customised phishing simulation campaigns.

Quantifind

Quantifind

Quantifind enables financial crimes/fraud analysts and investigators to make better decisions, faster, with intelligent automation.

Madrona Venture Group

Madrona Venture Group

Madrona Venture Group invests in seed and early-stage technology companies in areas including cybersecurity.

ISTC Foundation

ISTC Foundation

ISTC Foundation is one of the leading innovation centers in Armenia, founded by joint initiative of IBM, USAID, Armenian Government and Enterprise Incubator Foundation.

Valarian

Valarian

Valarian (formerly Worldr) is on a mission to build cutting-edge solutions that empower borderless collaboration in the new era of digital sovereignty.

NewAE Technology

NewAE Technology

NewAE Technology is revolutionizing the hardware security market by making every engineer and designer aware of side-channel power analysis and glitching as important attack vectors.

Panoplia Digital Protection

Panoplia Digital Protection

Panoplia Digital Protection is a cutting-edge cybersecurity company that leverages the power of AI and ML to help businesses and consumers protect themselves against cyber threats.

RightCue Assurance

RightCue Assurance

RightCue Assurance identify opportunities for improvement in the Information Security for your organisation and work with you to reduce cyber risk.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.