Home
articles
books
Alien Earth Ancient Mysteries Biographies Classics Conspiracy Curmy's Library Current Events Elaine's Library Fantasy Health Historical Fiction History Horror Humor Literary Acid Magic Montauk Project Music New Age Non Fiction Paranormal Religion & Spirituality Science Science Fiction Suspense UFOs
forum
gallery
A Thousand Words Alien Earth Boston 2013 Burning Man Crop Circles Enhanced Interrogation Ghosts Gulf Oil Spill Historical Photos January 6, 2021 Natural Disasters Oceans Places Politics Protests Sept. 11 Space UFOs Wildlife
links
Computers Health Humor Media Religion Research UK News US News Veterans' Resources World News
movies
Alien Earth B-Movies Classic Horror Comedy Current Events Elaine's Favorites Fantasy Horror Paranormal Science Science Fiction Thriller UFOs
music
Alternative Blues Celtic Classic Country Classical Disco! Electronica Goth Grunge Hippy Jazz Jazz Fusion Meditation Metal Neue Deutsche Härte New Wave Oldies Pop Progressive Rock Psychedelic Rock Punk R & B Reggae Rock Showtunes Swing Thrash
topics
UK
USA
videos
Conspiracy Cyberspace Orbit Humor News Propaganda Science UFOs Unsolved Mysteries

Technology

Article 13 of 162 | Back to Technology Previous | Next

CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities

The Hacker News
December 23, 2021

Cybersecurity agencies from Australia, Canada, New Zealand, the US, and the UK on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache's Log4j software library by nefarious adversaries.

"These vulnerabilities, especially Log4Shell, are severe," the intelligence agencies said in the new guidance. "Sophisticated cyber threat actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. These vulnerabilities are likely to be exploited over an extended period."

An attacker can exploit Log4Shell (CVE-2021-44228) by submitting a specially crafted request to a vulnerable system that causes that system to execute arbitrary code. CVE-2021-45046, on the other hand, allows for remote code execution in certain non-default configurations, while CVE-2021-45105 could be leveraged by a remote attacker to cause a denial-of-service (DoS) condition.

Since the vulnerabilities became public knowledge this month, unpatched servers have come under siege from ransomware groups to nation-state hackers, who have used the attack vector as a conduit to gain access to networks to deploy Cobalt Strike beacons, cryptominers, and botnet malware.

The U.S. Federal Bureau of Investigation's (FBI) assessment of the attacks has also raised the possibility that threat actors are incorporating the flaws into "existing cyber criminal schemes that are looking to adopt increasingly sophisticated obfuscation techniques." In light of the severity of the vulnerabilities and likely increased exploitation, organizations are being urged to identify, mitigate, and update affected assets as soon as possible.

The latest step taken by the governments arrives as the Apache Software Foundation (ASF) released updates for Apache HTTP Server 2.4.51 to address two flaws — CVE-2021-44790 (CVSS score: 9.8) and CVE-2021-44224 (CVSS score: 8.2) — the former of which could be weaponized by a remote attacker to execute arbitrary code and take control of an affected system.

Topics

Share your thoughts in the Forum

articles

Browse

Solar & Geomagnetic
Conditions