What Changes When Your Software Supply Chain Includes AI Writing Your Code?
Software supply chain security was hard enough. Then AI joined the build pipeline
Log4Shell is a critical flaw in Apache Log4j that can let attackers execute code remotely in Java applications using the library.
Search across headline titles and summaries.
Background for this topic.
Log4Shell is a remote-code-execution vulnerability in Apache Log4j, a Java library used to record application events. Identified as CVE-2021-44228, it can be triggered when an affected Log4j version processes attacker-controlled text containing a specially crafted lookup. In vulnerable configurations, that lookup can cause the application to contact an attacker-controlled service and load code, potentially giving the attacker control of the host. Exploitation is not automatic in every deployment, but the library’s widespread use made the vulnerability significant.
Security teams must account for Log4j bundled inside applications and other dependencies, not only software they installed directly. Vulnerability management therefore requires dependency inventory, version verification, and upgrading or otherwise mitigating affected installations according to Apache’s guidance. Teams should also review application and network logs for exploitation attempts, restrict unnecessary outbound connections, and investigate systems that may have processed malicious lookups. If compromise is suspected, response may require isolating the host and rotating credentials or secrets accessible to the affected process.
Weekly headline count for the current query.
Software supply chain security was hard enough. Then AI joined the build pipeline
Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug
In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and
Botnet Looks for Vulnerable Internal Network MachinesDelivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector. Log4Shell burst into public awareness in late 2021 when security researchers identified a flaw in the ubiquitous Apache Log4J 2 Java library.
Everyone knows to patch vulnerabilities for Internet-facing assets, but what about internal ones? One botnet is counting on your complacency.
The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network
VulnCheck claims the potential impact of Log4Shell was exaggerated
North Korean Hackers Deploy Novel Malware FamiliesNorth Korean hacking group Lazarus Group is exploiting Log4Shell to target manufacturing, agriculture and physical security sectors, resulting in the deployment of a tailored implant on compromised systems. The attack campaign targeted publicly accessible VMware Horizon servers.
The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka "Log4Shell," this time to deploy three previously unseen malware families written in DLang. [...]
Latest offensive cyber group to switch to atypical programming for payloads Research into Lazarus Group's attacks using Log4Shell has revealed novel malware strains written in an atypical programming language.…
Cisco Talos said Operation Blacksmith leveraged the flaw in publicly facing VMWare Horizon servers
The infamous vulnerability may be on the older side at this point, but North Korea's primo APT Lazarus is creating new, unique malware around it at a remarkable clip.
Lack of awareness still blamed for patching apathy despite it being among most infamous bugs of all time Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, circa one in four applications are dependent on outdated libraries, leaving them open to exploitation.…
Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries the maximum severity rating, despite patches being available for more than two years. [...]
The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year
The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach Microsoft Web servers.
Here’s how Wiz can help Sponsored Feature When software vulnerabilities and zero days moved up the enterprise worry list 15 years ago, nobody imagined the world would one day end up with a threat as perplexing as Log4Shell – a vulnerability in the Apache Log4j open source logging framework that's used in software on all major operating systems spanning everything from cloud services to PC games.…
Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to it.
CISA says Federal Civilian Executive Branch systems were compromised through a Log4Shell vulnerability in an unpatched VMware Horizon server.
Threat actors installed crypto-miner and achieved persistence