Log4j Security Vulnerability

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

Last week, Apache Software Foundation disclosed that a widely used open-source software called, Log4j, has a flaw that is exposing users to cyber security threats and ransomware.  Log4j is a widely used Java library leveraged for logging error messages in applications.  The estimated impact is over 100 million instances globally.  It has currently been confirmed in Log4j versions 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0.  The flaw allows attackers to execute code remotely, which can steal data, install malware, or take control of a system.

What to look for

Take inventory of your all your internet facing devices that are running on Log4j, and work to upgrade any operating an impacted version.  When this vulnerability was made public, it was described as a zero-day (or 0day).  This means the flaw was targeted and attackers could have potentially acted on it prior to software developers knowing the flaw even existed.  One thing to look for is, when log message lookup substitution is enabled, attackers can control log messages or log message parameters.  When updating to the latest version 2.16.0, the substitution feature has been removed.

People pointing to computer

What steps can you take now?

There are a few steps your business should do immediately.

  1. Take an inventory of all internet facing devices that are running Log4j
  2. Where possible, update to the latest version of software 2.16.0
  3. Make sure devices that run Log4j have proper alerting for probes and attacks
  4. Have an incident response plan in place outlining the steps your team will take if you find out you have a cyberattack

This kind of cyber attack is extremely complex, and because of the Log4j’s wide adoption, and the classification as a 0day vulnerability, it can be tricky to detect if your software, services, devices, and servers have been impacted.

Ensures Compliance With the General Data Protection Regulation (GDPR) - What Is IT Architecture?

How we can help

Helping businesses with these kinds of vulnerability and attacks are something we do every day.  We have experts in cybersecurity and incident response experts that have a proven track record of helping business get back up and running, and helping businesses put together plans for the future for when these types of things come up.  Whether you have been impacted, or you want to be proactive for the next one, we are here to help your team and business improve your routines and security.

Set up a consultation so we can talk about what your business is looking for, the problems you are having, or where we can help in the future.  Here’s the link to get started with your consultation – https://locusrecruiting.com/contact/

 

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Blog

Security Anxiety and the Supply Chain

With the current state of the world, are you experiencing security anxiety?  We often recommend preparing for threats by setting up Incident Response (IR) plans, testing for vulnerabilities, etc.  However, what happens when things like supply chain delays are out of your control? We’ve recently

Blog

Log4j Security Vulnerability

Last week, Apache Software Foundation disclosed that a widely used open-source software called, Log4j, has a flaw that is exposing users to cyber security threats and ransomware.  Log4j is a widely used Java library leveraged for logging error messages in applications.  The estimated impact is over 100

Ready to speak with a Technical Recruiting Specialist?

drop us a line, Let's talk!