The hunt for Log4Shell bug continues, and lessons from a ransomware attack on hospitals in Ireland.
Welcome to Cyber Security Today. It’s Wednesday, December 15th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.
IT staff continue to hunt for evidence of the Log4Shell vulnerability in their systems. They face two problems: First, it could be a long hunt. The U.S. Cybersecurity and Infrastructure Security Agency estimates hundreds of millions of devices are vulnerable to the flaw in the Java-based Log4j2 logging capability. The SANS Institute offers this advice: Enumerate all internet-connected devices with log4j2 installed, make sure you monitor all the alerts from them, and configure a web application firewall to reduce the attack surface and the volume of alters. If you’ve been thinking of moving Java-based applications to another technology, now’s the time to do it.
The second problem is your IT system may have been penetrated as early as the first of the month. Security researchers at Cloudflare and Cisco Systems reportedly found evidence of an exploit attempt that far back. So if your organization’s IT environment is exposed to the vulnerability, in addition to shutting the door look for evidence of compromise. Researchers note that attackers are already trying to leverage the vulnerability to install ransomware and cryptomining applications. The Canadian Centre for Cyber Security warned that log4j2 is used in many third-party enterprise applications and frameworks.
NOTE FOR DEVELOPERS: If your application includes log4j2 ins ..
Support the originator by clicking the read the rest link below.
