Omega Systems has been working diligently to identify and remediate systems susceptible to the vulnerability known as Log4J. This massive, global security vulnerability is reportedly impacting the majority of the internet’s web applications.
On Dec. 9, 2021, the Log4J vulnerability (also known as Log4Shell) was identified as being exploited in the wild. The subsequent investigation revealed that the vulnerability impacts nearly all of the internet, earning it a “SEVERE” ranking. A proof of concept is readily available online, and it shows that exploitation is effortless.
The Log4J vulnerability impacts a commonly used open source logging component offered by the Apache Foundation, which app developers use to understand how their programs function. Experts indicate this open source software is used by millions upon millions of application installations globally. Hackers are exploiting the vulnerability on both Windows and Linux platforms to gain access to and control over the network of any organization that runs unpatched applications built with this software.
According to Microsoft’s Threat Intelligence Team, right now, the majority of attackers from around the world have been using the Log4J vulnerability to highlight unpatched applications, while others have advanced to distributing coin miners, launching attacks, stealing credentials and hijacking data.
It’s important to note every business is at high risk. Because an attacker essentially gains keys to your network kingdom, it is easy to do things like:
Cybersecurity experts warn businesses not to overlook the severity of this threat, even if they believe they are not vulnerable. Don’t fall prey to these misconceptions:
“Our applications don’t leverage the Log4J framework…”
In addition to applications, Log4J can affect API servers; therefore, even if you do not use the Log4j logging framework, you may be trusting third-party APIs that contain the flaw and are exposed.
**This less publicized scenario is particularly dangerous for businesses and very attractive to attackers, given most businesses have limited visibility into their API inventory and behavior.**
“We don’t use Java…”
Any third-party software you use could have the Log4J framework embedded, which could mean the threat will not show up in your vulnerability scans.
In these types of complicated situations, it makes sense to leverage professional support. Omega Systems is diligently protecting our managed support and managed cybersecurity customers with solutions for active prevention and post-exploitation protection as it pertains to the Log4J vulnerability. Our Omega-badged SOC Team is addressing managed environments with Detection & Validation, Remediation Reporting, AI-Powered Prevention, Exposed Application Visibility, Evolutionary Intrusion Prevention and Threat Forensics.