As 2021 came to a close, the world was hit by another crippling crisis. On December 17th, the United States Cybersecurity and Infrastructure Security Agency (CISA) released a warning about the Log4j vulnerability and its severity. In fact, the director of CISA called it “the most serious vulnerability” she’s seen in her career.

Here’s everything you need to know about the Log4j flaw:

What is Log4j?

According to Wired, Log4j is “an open source Apache logging framework that developers use to keep a record of activity within an application.” It’s a Java library still widely used by web applications and enterprise systems today.  

This vulnerability affects versions 2.0 and 2.15, and the affected users include Amazon, Microsoft, Fortinet and Cisco. In fact, the Java version of Microsoft’s Minecraft contained the vulnerability, so Microsoft sent out instructions for users on how to patch their systems.

How are hackers exploiting this vulnerability?

One of the features of Log4j allows users to format log messages using custom code. Due to the flaw, cyber criminals can now abuse this feature to inject malicious, custom code and gain access to the system. Once in control, they’ve been known to steal sensitive information, deploy cryptocurrency miners and even infect other systems. 

What’s being done to remediate the flaw?

Unfortunately, there is no universal way to fix this. There are a few recommendations, including:

  • Updating to the latest software version 
  • Removing the code manually

According to CISA, organizations should continue to monitor their systems for suspicious activity by:

  • Making a list of any devices with Log4j installed. This can be difficult to determine as it’s sometimes bundled with other software.
  • Checking that the security operations center (SOC) has alerts set up and automated actions are in place to isolate any infection.
  • Installing a web application firewall (WAF) and setting up rules.
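The inventory step is hard precisely because Log4j is often bundled inside other software, so a file-name search misses it. The sketch below is an added example (not code from this page or from CISA) that opens Java archives recursively and reports every bundled log4j-core copy by its Maven metadata; the function names and the sample archive are constructed for illustration.

```python
import io
import os
import re
import zipfile

# Paths found inside a log4j-core jar: Maven metadata and the JNDI lookup class.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
JNDI = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")

def scan_archive(data, label):
    """Return [(location, version, has_jndi_lookup)] for each log4j-core copy
    in this archive, including copies nested inside bundled archives."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # archive extension but not a real archive; skip it
    with zf:
        names = set(zf.namelist())
        if POM in names:
            props = zf.read(POM).decode("utf-8", "replace")
            m = re.search(r"^version=(.+)$", props, re.M)
            hits.append((label, m.group(1).strip() if m else "unknown", JNDI in names))
        for name in sorted(names):
            if name.lower().endswith(ARCHIVE_EXT):
                hits += scan_archive(zf.read(name), label + "!" + name)
    return hits

def scan_tree(root):
    """Walk a directory tree and scan every archive found under it."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for f in files:
            if f.lower().endswith(ARCHIVE_EXT):
                path = os.path.join(dirpath, f)
                with open(path, "rb") as fh:
                    hits += scan_archive(fh.read(), path)
    return hits

def build_sample():
    """Constructed sample: a vendor app.war bundling a stand-in log4j-core jar."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr(POM, "groupId=org.apache.logging.log4j\nversion=0.0.0-sample\n")
        z.writestr(JNDI, b"")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("WEB-INF/lib/log4j-core-0.0.0-sample.jar", inner.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    for hit in scan_archive(build_sample(), "app.war"):
        print(hit)
```

Copies whose packages were renamed during repackaging carry no such metadata, so treat an empty result as "not found by this method" rather than proof of absence.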

If you have any questions or concerns regarding cybersecurity, please contact us today. 

Phone: (704) 658-1707
Email: info@biztechnologysolutions.com

Resources:

https://www.wired.com/story/log4j-flaw-hacking-internet/ 

https://cisomag.eccouncil.org/log4j-explained/ 

https://theconversation.com/what-is-log4j-a-cybersecurity-expert-explains-the-latest-internet-vulnerability-how-bad-it-is-and-whats-at-stake-173896
