CISA, FBI and NSA Issue A Joint Advisory To Mitigate Log4j Vulnerabilities

You may not have heard of the Cybersecurity and Infrastructure Security Agency (CISA).

The U.S. CISA is part of the Department of Homeland Security and handles technological threats to the United States.

Midway through last week, the agency briefed “critical infrastructure stakeholders” on the Log4Shell vulnerability. A string-processing vulnerability in Apache’s Log4j logging package (used as a component of popular software by a number of manufacturers, including Apple, Amazon, and iCloud) allows a remote user with a specially crafted message to gain full remote code execution on the vulnerable system, with no credentials required.

Together with other cybersecurity agencies from Canada, Australia, the U.K., and New Zealand, CISA on Wednesday released a joint advisory in response to the exploitation of multiple vulnerabilities in Apache’s Log4j software library by malicious actors.

“Log4j vulnerabilities present a severe and ongoing threat to organizations and governments around the world; we implore all entities to take immediate action to implement the latest mitigation guidance to protect their networks,” said CISA Director Jen Easterly.

“CISA is working shoulder-to-shoulder with our interagency, private sector, and international partners to understand the severe risks associated with Log4j vulnerabilities and provide actionable information for all organizations to promptly implement appropriate mitigations. These vulnerabilities are the most severe that I’ve seen in my career, and it’s imperative that we work together to keep our networks safe.”

Since the disclosure of the vulnerability, CVE-2021-44228, this month, unpatched systems have come under siege from attackers ranging from nation-state hackers to ransomware groups, who have exploited it to gain access to networks and deploy cryptominers, botnet malware, and Cobalt Strike beacons.

“Malicious cyber actors are already scanning and exploiting some of the many thousands of vulnerable systems around the world. To address this threat we all need to be proactive in our efforts to patch, partner and monitor,” said Ms. Jessica Hunter, Acting Head of the Australian Cyber Security Centre.

Image credit: The Hacker News

The FBI assessment of the attacks raised the possibility that malicious actors are incorporating the flaws into “existing cybercriminal schemes that are looking to adopt increasingly sophisticated obfuscation techniques.” In light of the severity of the vulnerabilities and likely increased exploitation, organizations are being urged to identify, mitigate, and update affected assets as soon as possible.

Mandiant and SentinelOne have apparently both reported that Chinese state-sponsored cybercriminals are actively exploiting the flaw, while other groups are using it to mine cryptocurrency, particularly Monero.

However, an assessment published this week by Israeli cybersecurity firm Rezilion found that paid scanning tools were ill-equipped to detect all formats of the Log4j library in an environment, because the library's code is often deeply nested in other files. The finding reveals the “blind spots” in such systems and the limitations of static scanning.

“The biggest challenge lies in detecting Log4Shell within packaged software in production environments: Java files (such as Log4j) can be nested a few layers deep into other files — which means that a shallow search for the file won’t find it,” Yotam Perkal, vulnerability research lead at Rezilion, said.
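To make the nesting problem concrete, here is an added example (not code from CISA, Rezilion, or any scanner vendor) that compares a top-level search with a recursive one. The archive layout, the file names and the choice of `JndiLookup.class` as the marker are assumptions made for the illustration; a hit only locates a log4j-core copy whose version still has to be checked.

```python
import io
import zipfile

# Class shipped in log4j-core 2.x; used here as the marker for a bundled copy.
MARKER = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")
MAX_DEPTH = 8  # stop on pathological nesting


def shallow_scan(data: bytes) -> list[str]:
    """What a top-level-only search sees: entries of the outer archive."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [n for n in zf.namelist() if "log4j-core" in n or n == MARKER]


def deep_scan(data: bytes, path: str = "", depth: int = 0) -> list[str]:
    """Recurse into nested archives; return the full path of every hit."""
    hits = []
    if depth > MAX_DEPTH:
        return hits
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # named like an archive but not one
    with zf:
        for info in zf.infolist():
            here = f"{path}!/{info.filename}" if path else info.filename
            if info.filename == MARKER:
                hits.append(here)
            elif info.filename.lower().endswith(ARCHIVE_EXT):
                # Inner archive is read into memory; fine for a demo.
                hits += deep_scan(zf.read(info), here, depth + 1)
    return hits


def _zip(entries: dict) -> bytes:
    """Build an in-memory archive from {name: bytes} (constructed data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


def build_sample_war() -> bytes:
    # Constructed sample: library renamed and buried two layers down.
    inner = _zip({MARKER: b"placeholder"})
    fat = _zip({"BOOT-INF/lib/logging-shaded.jar": inner, "app/Main.class": b""})
    return _zip({"WEB-INF/lib/service.jar": fat, "index.html": b"<html/>"})
```

On the constructed WAR, `shallow_scan` returns nothing because no outer entry is named after the library, while `deep_scan` reports the class path through both inner JARs.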

As severe as the Log4J vulnerability is, most users don’t really have to worry about their own systems. The concern is primarily for Java-based web servers hosting internet services. If you’re a system administrator, you’re almost certainly already patching your systems, but just in case, it might not be a bad idea to go ahead and poke all your software to have it checked for updates.
