Vulnerabilities to Apache Log4j has led to multiple cyber security agencies releasing a joint advisory.
Severe vulnerabilities to Log4j and notably Log4Shell are viewed as severe with highly sophisticated hacking groups are actively scanning networks for exploitable and vulnerable systems. The explots are specifric to Log4Shell, CVE-2021-45046, and CVE-2021-45105. (Which there is an available scanner for from the CISA, or Cybersecurity and Infrastructure Security Agency. There is also a similar tool from CERT.)
You can read more on the CISA announcement page here.
The Apache Software Foundation or ASF has released updates to address two flaws, and it is recommended that IT teams work to understand and manage vulnerabilities so that they can protect their networks, hardware, and infrastructure.
Why should you care?
Since these vulnerabilities have become public knowledge at the end of 2021, unpatched servers have come under attack from ransomware groups, hacking organizations, and more. These attacks are being used to gain access and conduct further attacks (such as botnet malware, cryptominers, and more).
The FBI has released their own warnings due to the sophistication of both the attacks, as well as the obfuscation techniques used to prevent system administrators and IT departments from knowing they have been compromised.
How can we help?
It is important to resolve this issue and remove any chances of vulnerability within your business systems. If you need any support, you can always reach out to Britec and contact us.