CISA’s new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug

Changes in federal cybersecurity leadership over the past year allowed the private and public sectors to quickly work together in responding to the disclosure of the Log4shell bug last month, experts said Tuesday at a Senate hearing. Witnesses at the Homeland Security and Governmental Affairs Committee hearing praised the usefulness of the Joint Cyber Defense Collaborative, a new center launched by the Cybersecurity and Infrastructure Security Agency in August to help federal agencies, the private sector and state and local governments collaborate on cyberthreat response. “Its structure provided a body to scramble a snap call on Saturday afternoon after Log4shell emerged to allow industry competitors to act as partners with the government to share raw situational awareness, and we must continue building upon this partnership,” said Jen Miller-Osborn, deputy director of threat intelligence at Palo Alto Networks’ Unit 42. The witnesses warned that the fallout from Log4shell — a vulnerability in […]

The post CISA’s new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug appeared first on CyberScoop.


How would zero trust prevent a Log4Shell attack?

There is a seemingly trivial solution to any remote code execution attack, namely: do not let the inbound traffic match the pattern that triggers the vulnerability of the server. Easy to say, but hard to do. There are almost endless variations of tr…

New SolarWinds Serv-U vulnerability exploited in Log4j-related attacks

Attackers looking to exploit recently discovered Log4j vulnerabilities are also trying to take advantage of a previously undisclosed vulnerability in the SolarWinds Serv-U software (CVE-2021-35247). It affects version 15.2.5 and previous versions of Se…

White House hosts open-source software security summit in light of expansive Log4j flaw

Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to the widespread Log4j vulnerability that’s worrying industry and cyber leaders. Among the attendees are companies like Apple, Facebook and Google, as well as the Apache Software Foundation, which builds Log4j, a ubiquitous open-source logging framework for websites. “Building on the Log4j incident, the objective of this meeting is to facilitate an important discussion to improve the security of open source software — and to brainstorm how new collaboration could rapidly drive improvements,” a senior administration official said in advance of the meeting. The huddle convenes in light of a vulnerability discovered last month known as Log4Shell that could affect up to hundreds of millions of devices, and as federal officials, businesses and security researchers race to contain the potential fallout. It’s the latest of several Biden White House summits […]

The post White House hosts open-source software security summit in light of expansive Log4j flaw appeared first on CyberScoop.


Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns

A China-based ransomware operator has been exploiting a vulnerability in Log4j software to attack internet-facing systems running a popular virtualization service, Microsoft analysts reported Monday. The findings point toward attacks on VMware Horizon, an application that allows remote users access to virtual computers and servers. Successful attacks have led to the deployment of ransomware via a hacking campaign that calls itself Night Sky. The group behind this effort has previously deployed other ransomware strains, including LockFile, AtomSilo, and Rook, the Microsoft researchers reported. This new campaign, which dates back to Jan. 4 — even though the VMware Horizon exploitation at the hands of the Log4j vulnerability was spotted toward the end of December — relies in part on spoofed domains made to look as though they’re associated with known technology firms such as TrendMicro, Sophos, Nvidia, and Rogers. VMware issued guidance on remediation on Dec. 14, less than a week after […]

The post Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns appeared first on CyberScoop.


If hackers are exploiting the Log4j flaw, CISA says we might not know yet

Federal officials cautioned Monday that, while the widespread Log4j vulnerability hasn’t led to any major known intrusions in the U.S., there could be a “lag” between when the flaw became known, and when attackers exploit it. Cybersecurity and Infrastructure Security Agency Director Jen Easterly said that there were months between the discovery of the vulnerability that led to the 2017 Equifax breach, which exposed the personal information of nearly 150 million Americans, and word of the breach itself, invoking one of the most notable hacks in history. “We do expect Log4j to be used in intrusions well into the future,” Easterly said on a call with reporters. “There may be a lag between when this vulnerability is being used and when it is being actively deployed.” Apache Struts, an open-source tool, was at the center of the Equifax breach, and Apache’s Log4j is a ubiquitous open-source logging tool. Easterly said […]

The post If hackers are exploiting the Log4j flaw, CISA says we might not know yet appeared first on CyberScoop.


The Log4j debacle showed again that public disclosure of 0-days only helps attackers

On December 9, 2021, a (now deleted) tweet linking to a 0-day proof of concept (PoC) exploit (also now deleted) for the Log4Shell vulnerability on GitHub set the internet on fire and sent companies scrambling to mitigate, patch and then patch again as …