Intruders leverage Log4j flaw to breach Belgian Defense Department

Parts of the Belgian Defense Ministry’s computer networks have been down since Thursday after a cyber incident in which attackers exploited the Apache Log4j vulnerability, government officials said. “All weekend our teams have been mobilized to control the problem, continue our activities and warn our partners,” spokesperson Olivier Séverin told news publication VRT. “The priority is to keep the network operational. We will continue to monitor the situation.” Log4j is a widely used logging software present in hundreds of millions of devices. Hackers associated with the governments of China, Iran, North Korea and Turkey have all raced to take advantage of the exploit, according to Microsoft and Mandiant researchers. Ransomware groups have also sought to exploit the vulnerability. The Belgian Defense Ministry is the first reported high-profile government victim of the vulnerability, but unlikely to be the last given the ubiquity of Log4j in a host of enterprise software popular […]

The post Intruders leverage Log4j flaw to breach Belgian Defense Department appeared first on CyberScoop.


The Log4j saga: New vulnerabilities and attack vectors discovered

The Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j v2.15.0. There’s CVE-2021-45046, a DoS/RCE flaw that was fixed in v2.16.0, t…

DHS issues emergency directive ordering to all federal civilian agencies to address Log4j flaw

U.S. cyber officials issued an emergency directive Friday giving all federal civilian agencies until Dec. 23 to assess their internet-facing networks for the Apache Log4j vulnerability and immediately patch the systems, or take other measures to mitigate the software flaw. The directive, issued by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, comes in response to “the active exploitation by multiple threat actors” of the Log4j bug, which has roiled the information security community since it emerged Dec. 10 as a vulnerability in widely used logging software. The directive also requires agencies to report to CISA by Dec. 28 all software applications affected by the bug by name and version, and what actions were taken. “The log4j vulnerabilities pose an unacceptable risk to federal network security,” CISA Director Jen Easterly said in a statement. “If you are using a vulnerable product on your network, you should consider your […]

The post DHS issues emergency directive ordering to all federal civilian agencies to address Log4j flaw appeared first on CyberScoop.


The impact of the Log4j vulnerability on OT networks

Operational Technology (OT) networks are at risk from the recently-announced Apache Log4j (CVE-2021-44228) vulnerability. On the surface, it is not clear why this should be. The vulnerability affects millions of web servers, allowing remote attackers t…

Smashing Security podcast #256: Virgin Media just won’t take no for an answer, NFT apes, and bad optics

After a brief discussion of the Log4Shell vulnerability panic, we discuss how Virgin Media has got itself into hot water, a fat-fingered fumble at the Bored Ape Yacht Club, and how to hack around your girlfriend’s facial recognition.

All this and mo…

Irani and Chinese State Hackers Exploiting Log4j Vulnerability

By Waqas
According to Mandiant’s John Hultquist, Iranian state hackers are specifically aggressive with this Log4j vulnerability.
This is a post from HackRead.com.

Nation-state hackers aim to exploit Log4j software flaw, Microsoft warns

Hackers associated with the governments of China, Iran, North Korea and Turkey have been trying to find ways to leverage the Apache Log4j vulnerability, Microsoft’s Threat Intelligence Team said Tuesday. The notice came the same day a top U.S. government cyber official said that the Cybersecurity and Infrastructure Security Agency hasn’t seen any U.S. federal agencies targeted with the exploit, but that the government is still fearful of attacks. Hundreds of millions of devices are potentially at risk, an agency official previously said. Microsoft’s notice said its analysts had observed “multiple” known state-associated hacking groups working with the vulnerability, with activity ranging from experimentation to integration in active campaigns to exploitation of targets. The flaw is so severe, computer security specialists have warned, that a successful attack could result in the takeover of an affected system. An Iranian group Microsoft calls “Phosphorus” — known alternatively as “Charming Kitten” — that […]

The post Nation-state hackers aim to exploit Log4j software flaw, Microsoft warns appeared first on CyberScoop.
