A newly discovered flaw in a common piece of open-source software is prompting researchers and companies to update their systems in a bid to prevent hacks and ransomware attacks.
The vulnerability, known as CVE-2021-44228, was disclosed on Dec. 9, which allows remote access to servers and code execution, some experts have said. Meanwhile, Log4j is used in a large number of enterprise systems, raising concerns that it may be easily exploited.
Since the vulnerability, which some dubbed “Log4Shell,” so is widespread and is likely present in highly-trafficked websites and apps, users may also see their favorite websites and apps be impacted.
Cybersecurity firms Mandiant and Crowdstrike said that hacking groups are trying to breach systems, and Mandiant described to Reuters that they are “Chinese government actors,” in reference to the ruling Chinese Communist Party.
“Given that Log4j has been a ubiquitous logging solution for Enterprise Java development for decades, Log4j has the potential to become a vulnerability that will persist within Industrial Control Systems (ICS) environments for years to come,” according to a blog post by cybersecurity researchers at Dragos.A cybercriminal can exploit the flaw by sending a malicious code string that will get logged by the Log4j version, allowing the attacker to load an arbitrary Java code to a server. The vulnerability could potentially allow them to take control of the server.
Federal cybersecurity officials also reportedly expressed alarm over the vulnerability in recent days.
“This vulnerability is one of the most serious that I’ve seen in my entire career, if not the most serious,” Jen Easterly, the head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said on a phone call. The Epoch Times has contacted CISA for comment.Easterly warned that CISA can “expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damaging incidents.”
The proverbial canary in the coal mine was when researchers noted that Minecraft’s servers could be compromised via the vulnerability. Microsoft last week posted instructions for how players could update the...
Read More HERE
The Log4J problem only applies to servers. If running a Linux server, you can test for vulnerabilities. See: https://appreviewcritics.com/2021/12/14/how-to-test-if-your-linux-server-is-vulnerable-to-log4j/
ReplyDeleteIn Terminal, run : sudo wget https://raw.githubusercontent.com/rubo77/log4j_checker_beta/main/log4j_checker_beta.sh -q -O - | bash
Unless in sudo/root privilege mode, the root directory won't be searched for Log4J.