Archive for the ‘Log4j’ Category

How Log4j Reshaped Cloud Security Thinking

A report from IT security firm Valtix has revealed how IT leaders are changing the way they secure cloud workloads in the aftermath of the Log4j vulnerability. Log4j is a logging library and part of the Apache Software Foundation’s Apache Logging Services project. It is pretty much ubiquitous in applications and services built using Java. It is used to record […]

Qualys platform study: Log4Shell, the menace continues

The anatomy of Log4Shell. By now, we are all familiar with the fact that Log4Shell is just about as critical as a critical vulnerability can get – scoring a 10 out of 10 on the National Institute of Standards and Technology’s CVSS severity scale. As it targets a library – Apache Log4j2 – that nearly […]

B1txor20 Linux botnet uses DNS Tunnel and Log4J exploit

Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and uses a DNS tunnel. Researchers from Qihoo 360’s Netlab have discovered a new backdoor used to infect Linux systems and include them in a botnet tracked as B1txor20. The malware was first spotted on February 9, 2022, when 360Netlab’s honeypot system captured an […]

Night Sky ransomware operators exploit Log4Shell to hack VMware Horizon servers

The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems. The ransomware gang started its operations on December 27, 2021, and has already hacked the corporate networks of two organizations, from Bangladesh and Japan respectively. The gang has also set up a leak site on […]

Log4Shell-like security hole found in popular Java SQL database engine H2

“It’s Log4Shell, Jim,” as Commander Spock never actually said, “But not as we know it.” That’s the briefest summary we can come up with of the bug CVE-2021-42392, a security hole recently reported by researchers at software supply chain management company JFrog. This time, the bug isn’t in Apache’s beleaguered Log4j toolkit, but can be found in a […]

Threat actor targets VMware Horizon servers using Log4Shell exploits, UK NHS warns

The security team at the UK National Health Service (NHS) announced that it has spotted threat actors exploiting the Log4Shell vulnerability to hack VMware Horizon servers and install web shells. “An unknown threat group has been observed targeting VMware Horizon servers running versions affected by Log4Shell vulnerabilities in order to establish persistence within affected networks.” reads the security advisory published by NHS. […]

Mitigating Log4Shell and Other Log4j Related Vulnerabilities

SSA-661247: Apache Log4j Vulnerabilities (Log4Shell, … Log4Shell+Vulnerability … Find detailed remediation and mitigation information

Apache Log4j 2.17.1 fixes new remote code execution flaw (CVE-2021-44832)

The Apache Software Foundation released Log4j version 2.17.1 to address a recently discovered arbitrary code execution flaw, tracked as CVE-2021-44832, affecting Log4j 2.17.0. CVE-2021-44832 is the fifth vulnerability discovered in the popular library in the last weeks. Like the previous issues affecting the library, this one could be exploited by threat actors to execute malicious […]

Experts monitor ongoing attacks using exploits for Log4j library flaws

Researchers from Dr. Web monitored attacks leveraging exploits for vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, and CVE-2021-42550) in the Apache Log4j library, warning of the need to adopt protective measures. The vulnerabilities can allow threat actors to execute arbitrary code on the target systems, trigger a Denial of Service condition, or disclose confidential information. Dr. Web set up […]

More than 35,000 Java packages impacted by Log4j flaw, Google warns

The Google Open Source Team scanned the Maven Central Java package repository and found that 35,863 packages (8% of the total) were using versions of the Apache Log4j library vulnerable to the Log4Shell exploit and to the CVE-2021-45046 RCE. “More than 35,000 Java packages, amounting to over 8% of the Maven Central repository (the most significant Java package repository), have been impacted […]

Log4Shell: The Movie… a short, safe visual tour for work and home

As Christmas 2021 approaches, spare a thought for your sysadmins, for your IT team, and for your cybersecurity staff. There may be plenty of mice stirring all through the IT house right up to Christmas Eve… …because that’s the deadline set by the US Cybersecurity and Infrastructure Security Agency (CISA) for patching the infamous Log4Shell vulnerability, a dangerously […]

Active scanning for Apache Log4j 2

Apple security updates are out – and not a Log4Shell mention in sight

Amongst all the brouhaha about Log4Shell, it’s easy to forget all the other updates that surround us. Not only is it Patch Tuesday (keep your eye on our sister site news.sophos.com for the latest on that score later in the day)… …but it’s also time to check your Apple devices, because Apple just pushed out a slew of […]

While attackers begin exploiting a second Log4j flaw, a third one emerges

Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web infrastructure and website security company Cloudflare warns that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046, disclosed in the Log4j library. The CVE-2021-45046 received a CVSS score of 3.7 and affects Log4j […]

Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations

New versions of Log4j. The recent discovery of a second Log4j vulnerability (CVE-2021-45046) has shown that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This vulnerability could allow attackers to craft malicious input data using a JNDI Lookup pattern, resulting in a denial of service (DoS) attack. “Note […]

Here We Go Again: Second Log4j Flaw Surfaces

Maybe Log4j vulnerabilities are like rats—for every one that’s visible, multiple others scurry beneath the surface. It’s too early to tell if that’s what will happen with Log4j. But just a day or so after a damaging vulnerability was disclosed, another has come to light. This time it’s believed to be moderate in severity. “A […]

CISA adds Log4Shell Log4j flaw to the Known Exploited Vulnerabilities Catalog

The U.S. CISA added 13 new vulnerabilities to the Known Exploited Vulnerabilities Catalog, including Apache Log4Shell Log4j and Fortinet FortiOS issues. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 13 new vulnerabilities to the Known Exploited Vulnerabilities Catalog, including recently disclosed Apache Log4Shell Log4j and Fortinet FortiOS flaws. […]
