A NEW vulnerability discovered in a widely used software library is causing mayhem on the internet.
It is forcing network defenders to scramble as hackers rush to exploit the weakness.
What is Apache Log4j?
The vulnerability, called Log4j, comes from a popular open source product that helps software developers track changes in the applications they build.
It is so ubiquitous and embedded in the programs of many companies that security executives expect widespread abuse.
“The Apache Log4j Remote Code Execution Vulnerability is a founding director of the US Computer Emergency Readiness Group,” said Amit Yoran, chief executive officer of Tenable, a cybersecurity company, and founding director of the US Computer Emergency Readiness Group. The biggest, most serious vulnerability of the past decade.”
The US government sent an alert to the private sector about the Log4j vulnerability and the potential threat it poses on Friday, December 10.
On a conference call, CISA leadership said this is one of the worst vulnerabilities seen in years.
She urged companies with employees working through the holiday to fight those using new methods to exploit vulnerabilities.
Much of the software affected by Log4j, which bears names like Hadoop or Solr, may not be familiar to the general public.
But like last year’s SolarWinds program at Russia’s espionage center, the popularity of these dark horse programs makes them ideal starting points for digital intruders.
Juan Andres Guerrero-Saade, principal threat researcher at cybersecurity firm SentinelOne, calls it “one of those nightmare vulnerabilities that there’s almost no way to prepare for”.
Although a partial fix for the vulnerability was released by Apache on Friday, Log4j makers, affected companies and network defenders will need time to locate the vulnerable software. hacked and deploy patches properly. Security experts say Log4j itself is maintained by several volunteers.
Why is Log4j vulnerable?
In fact, the vulnerability allows outsiders to enter operational code into the record keeping process. That piece of code then tells the server hosting the software to execute a command that gives the hacker control.
Apache noted the issue was first publicly disclosed by a security researcher working for Chinese technology company Alibaba Group Holding Ltd.
For now, it is clear that the initial exploit was discovered on December 2, before a patch was rolled out a few days later.
Attacks became much more widespread as every Minecraft player used it to control servers and spread information in game chats.
What effect does Log4j have?
The Log4j vulnerability affects everything from the cloud to developer tools and security appliances.
To date, there have been no publicly documented major disruptions as a result of the vulnerability, but researchers are noticing an alarming increase in hacking groups trying to take advantage of the vulnerability. this error to spying.
“We also expect to see this vulnerability in everyone’s supply chain,” said Chris Evans, director of information security at HackerOne.
Experts who monitor developments say that many botnets or groups of computers controlled by criminals are also exploiting this vulnerability in an effort to add more captive machines.
What many experts fear now is that this bug could be used to deploy malware that destroys data or encrypts data, like what has been used against a pipeline operator. American Colonial Pipeline.
We pay for your stories!
Do you have a story for the American team The Sun?
https://www.thesun.co.uk/tech/17035440/what-is-apache-log4j/ What is Apache Log4j?