Log4j could be the most serious security threat ever seen, CISA head warns

Handling it will take a sustained effort, experts are saying

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned the recently-revealedLog4jvulnerability was “one of the most serious” she’s seen in her entire career, “if not the most serious”.

“We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,” Easterly explained.

Adding to the conversation was Jay Gazlay, of CISA’s vulnerability office, who said that “hundreds of millions of”endpointswere likely to be affected by the flaw.

Log4j threat

CISA is part of the US Department of Homeland Security, and is currently building a website for all affected parties to educate themselve, but also to “counter active disinformation”.

To ensure organizations are safe from this flaw, a “sustained effort” will be needed, Gazlay added:  “There’s no single action that fixes this issue,” he added, before saying that this is not a problem that’s going to disappear in a fortnight.

Besides patching up as soon as possible, companies should make sure all hands are on deck over the holidays.

Numerous exploits

Earlier this month, a new zero-day vulnerability in the popular Java logging framework Log4j was discovered with huge destructive potential. It’s tracked as CVE-2021-44228, and allows malicious actors to run virtually any code. The skills required to take advantage of the flaw are very low, experts have warned, urging everyone to patch Log4j as fast as they can.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The flaw is being compared to the 2017 issue which led to the Equifax hack, leading to the personal data of almost 150 million people being exposed.

Organizations using Log4j in their software should upgrade it to the latest 2.15 version immediately which is available fromMaven Central.

So far, experts have discovered multiple use cases for the vulnerability: to installmalware, cryptominers, to add the devices to the Mirai and Muhstik botnets, to drop Cobalt Strike beacons, to scan for information disclosure, or for lateral movement throughout the affected network.

It’s yet to be used in a supply chain attack, though.

You might also want to check out our list of thebest firewallstoday

Via:Cyberscoop

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

I fell in love with the cute and compact Hyundai Inster, but it has one major drawback