Cybersecurity News Alert

13 Dec 2021

Do you know what a logging library is? What you don’t know could hurt your organization—severely. On Thursday, December 9, a critical zero-day vulnerability affecting many versions of Apache’s Log4j 2 Java logging library was publicly announced. Since then, hackers have been busily scanning the internet for instances of Log4j vulnerable to the flaw, called CVE-2021-44228 and nicknamed “Log4Shell.” On the Common Vulnerability Scoring System (CVSS), an industry standard for assessing the seriousness of a cybersecurity vulnerability, this one has scored a 10.0—the highest possible severity rating.

What does CVE-2021-44228 do? It allows attackers to perform remote code execution. In short, they can run any code they want to and access all information on the affected system or device. That means a hacker using this on vulnerable software in your system could steal data, install malware, lock down your files with ransomware—whatever they want.

What Is Log4j?

Log4j is open-source software for logging the activity of software. Almost all software keeps records of important events and errors—rather than reinventing this function every time, software developers tend to use a solution that’s already readily available, like Log4j. In fact, Log4j is one of the most commonly used logging packages in the world.

Why Log4j Is a Huge Problem

You may be wondering why a bug in software you’ve never heard of is creating such a panic. That’s because Log4j is used in many major cloud services, applications, and PC games, including Apple iCloud, Cloudflare, and Minecraft. In fact, Java is one of the top programming languages used by businesses, and Log4j is used by a large percentage of Java programs developed for businesses in the last decade. The chances that something on your system, somewhere, uses Log4j are high.

Cybersecurity experts are warning that they’ve already seen evidence of this vulnerability being exploited, as well as a surge in attacks trying to take advantage of the flaw. It’s also scarily easy for hackers to use—in Minecraft, for example, hackers could use chat boxes to enter malicious code, because a log entry was created to archive each message. Now IT teams are scrambling to figure out exactly where this ubiquitous piece of software is creating holes in widely used applications before malicious actors do.

Fast Action is Critical


Log4Shell affects every version of Log4j between versions 2.0 and 2.14.1. Apache has patched the vulnerability in version 2.15.0, so the race is on to get Log4j updated faster than hackers can sneak into the systems. The problem is that this isn’t like updating to the latest version of Microsoft Office—you may not even know where in your system this code is embedded. In the meantime, an unpatched version is like leaving the welcome mat out for cybercriminals.
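One way to find where Log4j is embedded, shown as an added example that is not part of the original article: the script walks a directory, opens every JAR/WAR/EAR (including archives nested inside them), and flags any `log4j-core` copy whose version falls in the affected range stated above. The function names are illustrative, and it assumes the JARs carry the usual Maven `pom.properties` metadata or a versioned file name.

```python
import io, os, re, sys, zipfile

# Added example (names are illustrative). Affected range as stated on this page: 2.0 through 2.14.1.
FIRST_AFFECTED, LAST_AFFECTED = (2, 0, 0), (2, 14, 1)
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
JAR_NAME = re.compile(r"log4j-core-(\d+\.\d+(?:\.\d+)?)[^/]*\.jar$")
ARCHIVE_EXT = (".jar", ".war", ".ear")

def parse_version(text):
    """Turn '2.14.1' or '2.0-beta9' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    return (int(m[1]), int(m[2]), int(m[3] or 0)) if m else None

def is_affected(version):
    return version is not None and FIRST_AFFECTED <= version <= LAST_AFFECTED

def scan_archive(data, label, depth=0):
    """Yield (location, version) for each log4j-core copy, recursing into nested archives."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return
    with zf:
        names = zf.namelist()
        if POM in names:  # Maven metadata survives renaming and bundling into fat JARs
            props = zf.read(POM).decode("utf-8", "replace")
            m = re.search(r"^version=(.+)$", props, re.M)
            if m:
                yield label, parse_version(m[1])
        elif (m := JAR_NAME.search(label)):  # fall back to the versioned file name
            yield label, parse_version(m[1])
        for name in names:
            if name.lower().endswith(ARCHIVE_EXT) and depth < 4:
                yield from scan_archive(zf.read(name), f"{label}!/{name}", depth + 1)

def scan_tree(root):
    """Walk a directory and return [(location, version, affected)] for every copy found."""
    hits = []
    for folder, _, files in os.walk(root):
        for fn in files:
            if fn.lower().endswith(ARCHIVE_EXT):
                path = os.path.join(folder, fn)
                with open(path, "rb") as fh:
                    hits += [(loc, ver, is_affected(ver))
                             for loc, ver in scan_archive(fh.read(), path)]
    return hits

if __name__ == "__main__":
    for loc, ver, bad in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("AFFECTED" if bad else "ok      ", ver, loc)
```

Run it against an application or install directory; a clean result only covers archives on that path, so repeat it for every host and container image you operate.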

At Petronella, our SOC team immediately began working with other teams around the globe to gather telemetry on active exploits of Log4Shell and had early detections in place on Friday, December 10. On Saturday, December 11, high-confidence indicators were being investigated that allowed our XDR platform to detect and block exploit attempts. We now have Indicators of Compromise, Tactics, Techniques, and Procedures detections, and Threat Intelligence that let us detect and block attempts to exploit the vulnerability and gain command and control, and that let us detect exfiltration attempts from compromised machines. Our SOC team is continuing to work with other teams worldwide to add more detections and mitigations as we learn more.

Protecting You

You can’t fix a problem if you don’t know where to find it. That’s where Petronella Technology Group (PTG) comes in. We have the cybersecurity expertise to take a deep dive into your system and root out vulnerabilities before hackers can exploit them. Don’t take the risk of your business being the next casualty of Log4Shell. Contact PTG today to find out how your company can leverage our advanced AI technology to detect and stop zero-day attacks like this.
