Apache recently announced a critical remote code execution vulnerability affecting at least Apache Log4j 2 (versions 2.0 through 2.14.1). This vulnerability is designated by MITRE as CVE-2021-44228 and is rated at the highest severity level, 10.0. It is also known to security researchers as Log4Shell. If exploited, it could allow attackers to take complete control of the affected system.
One thing up front – CYBERTRAP products are not affected.
Log4j is a widely used open-source Java logging library that is embedded as a third-party component in software applications and services.
The vulnerability therefore sits in a library that a great deal of Java software depends on. It is limited to some older versions of the library, but no one has a complete view of everywhere that vulnerable versions of Log4j are in use.
Particularly insidious: attackers could use the vulnerability now to plant backdoors for themselves, while the actual attacks will certainly only take place weeks or many months later. This approach is common among so-called ransomware groups, which encrypt their victims’ data and then demand a ransom to release it.
What is particularly problematic is that at least some attackers may have had more lead time than initially thought. The problem became public knowledge after the vulnerability was discovered on Thursday on servers for the online game “Minecraft.” It later emerged, however, that attack attempts targeting the vulnerability had been circulating since at least Dec. 1. Attacks across the board were reportedly not seen until the weekend.
How can Deception Technology help here?
Deception technology helps manage exactly this uncertainty about whether an attack has already succeeded and backdoors have already been installed. It gives you a starting point for exactly that: quickly detecting attackers during their lateral movement in the coming weeks and months and redirecting them to a secured environment where they cannot do any damage.
CYBERTRAP offers its European Deception Technology solution to organizations of all sizes.
“We have a version tailored for SMEs and one for large organizations,” says CYBERTRAP CEO Franz Weber.