Germanys National Cybersecurity Agency declares red alert: Wave of attacks possibly imminent due to Log4Shell vulnerability . The remaining days before Christmas will not be relaxing ones for IT and IT security managers in companies around the world: The Log4Shell security vulnerability is currently keeping the IT world on tenterhooks.
The vulnerability allows attackers to execute arbitrary code on their victims’ systems if an affected version of Log4J2 is in use. Just another problem: The gap can be exploit with a simple command and can therefore be make use of with very little expertise. Germanys National Cybersecurity Agency (BSI) further warns of the consequences of the gap.
Java library Log4J2, which is use to write logs in Java applications, is affect. The library is consider a de facto-standard as it is utilize in millions of applications. It is sufficient to initiate a logging process in a Java application with a user-defined string.
Once the process has been successfully execute, only a small exploit file on a remote web resource needs to be reference to, to perform the attack. The code is not verify regarding its origin, therefore resources outside the user’s own server will also be accepted.
Anyone using Java applications with Log4J2 should therefore apply available patches immediately. Even if no network attack has been detect so far, it is recommend to have a qualify IT service provider assess whether the network has been compromise. Due to the ease of exploitation, it is to be expect that criminals will first compromise hundreds of thousands of systems and then begin to monetize these infections in a few weeks, for example by installing ransomware.
Resource : Wave of attacks possibly imminent due to Log4Shell vulnerability | G DATA (gdatasoftware.com)
Software Asset Management CyberSecurity Consultants in the Middle East (gcst.ae)