In August 2021, the article “Overview in 5 Minutes” stated: “Cyber security, as we discussed last time, will continue to dominate the news headlines for months to come. As such, security will emerge as an important component of observation, with the addition of context to the collected telemetry data. ,
throughout the last year, Some Of they The listed observability software vendors have developed sophisticated security observability solutions. Still, your arsenal against cyber attacks and vulnerabilities shouldn’t stop here.
In addition to security overview, organizations should implement Denial of Service (DoS) and Web Application Firewall (WAF) protection, proactive scanning and other best practices; Including auditing of applications and infrastructure, VPN-enabled network security firewall (lockdown IP/port), security keys, multi-factor authentication, auto-updates, end-to-end encryption, remote backup and incident response plans in place . , With the emergence of recent exploits, we will focus on notable solutions, tools, and resources specific to Log4j vulnerabilities.
Log4j zero-day vulnerability (Log4shell)
on December 9, 2021 Alibaba Cloud Security Team Published A zero-day Vulnerability involving arbitrary code execution log4j The descriptor “Log4Shell” is given. worth has characterized it as “the biggest, most significant vulnerability of the past decade”. Apache Software Foundation (ASF) Issued safety advice on a remote code execution vulnerability (CVE-2021-44228) affecting its Log4j Java-based logging utility. vulnerability was assessed Severe severity and assigned a CVSS score of 10/10 by MITER,
Shortly thereafter, attackers began exploiting the Log4j vulnerability, prompting government cybersecurity institutions around the world, including United States Cyber Security and Infrastructure Security Agency (CISA), Austria’s Computer Emergency Response Team (CERT), National Cyber Security Center (NCSC) of the Netherlands, UK’s NCSC and to issue alerts advising other organizations to patch their systems immediately.
Several new vulnerabilities in the last few days – CVE-2021-45046A DoS/RCE flaw that was corrected in v2.16.0, CVE-2021-45105 A DoS hole v2.17.0 and . plugged in CVE-2021-4104 RCE vulnerability affecting Log4j v1.2 – discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j v2.15.0.
Log4j Vulnerability Solutions, Tools and Resources
beyond Fixing vulnerabilities in Log4j, I’ve compiled a list of links over the past week, as well as protecting and provisioning clients against Log4j’s exploits and future threats. This alphabetical list includes a mix of free resources, open-source tools, and paid solutions. Please share this page. You can also submit suggestions in the comments section or by using the contact me form.
1 – 10
11 – 20
- crowdstrike – Protects customers from threats delivered through Log4Shell.
- fast – Rapid Signal Science WAF rules for CVE-2021-44228.
- forescout –foreshadowing can help ease Log4shell.
- fortinet – Strategic steps to mitigate the latest log4j cyber security attacks.
- fox-it log4j-finder – Find vulnerable Log4j2 versions on disk and inside Java archive files.
- google cloud – Google Cloud and Chronicle solution for the “Log4j 2” vulnerability (Cat),
- infraguard – from the Federal Bureau of Investigation (FBI). Register/Signup.
- intruder.io – Log4j vulnerability scanning and mitigation.
- jfrog – Log4shell treatment using the JFrog platform.
- local log4j vuln scanner – Local scanner for vulnerable log4j examples written in Go.
21 – 30+
- Lunasec.io – Automatic patching service and mitigation.
- Microsoft – Microsoft security solutions help protect against and detect Log4j attacks.
- NCC Group – Leverage 24/7 Log4j Emergency Incident Response.
- ncsc-nl log4shell resource , Operational information regarding the vulnerability in Log4j.
- NSE Log4Shell – Nmap NSE script to check against log4shell or LogJam vulnerabilities.
- Palo Alto Networks – Defense for Apache Log4j vulnerability.
- praetorian – Advanced attack management platform.
- rapid7 – Log4j vulnerability response.
- Rubo77 Log4j Checker Beta – Perform a rapid check if your server may be vulnerable to CVE-2021-44228.
- worth – Latest research and insights on CVE-2021-44228 (log4shell).
- trendmicro tester – Log4j vulnerability tester.
- upguard – Third party vulnerability and attack surface management.
Cyber Security: Next Steps
Start with detailed audit and scanning of all applications, infrastructure and networks, Denial of Service (DoS) and Web Application Firewall (WAF) protection, VPN-enabled network security firewall, Security Keys, multi-factor authentication, auto-updates , Set up end-to-end encryption, remote backup and incident response plans.
How does your team use technology to provide powerful layers of protection against the current rise in Log4j exploits and cyber attacks?
(Refresh this page as it is constantly updated)