What Changes When Your Software Supply Chain Includes AI Writing Your Code?
Software supply chain security was hard enough. Then AI joined the build pipeline
Log4Shell is a critical flaw in Apache Log4j that can let attackers execute code remotely in Java applications using the library.
Search across headline titles and summaries.
Background for this topic.
Log4Shell is a remote-code-execution vulnerability in Apache Log4j, a Java library used to record application events. Identified as CVE-2021-44228, it can be triggered when an affected Log4j version processes attacker-controlled text containing a specially crafted lookup. In vulnerable configurations, that lookup can cause the application to contact an attacker-controlled service and load code, potentially giving the attacker control of the host. Exploitation is not automatic in every deployment, but the library’s widespread use made the vulnerability significant.
Security teams must account for Log4j bundled inside applications and other dependencies, not only software they installed directly. Vulnerability management therefore requires dependency inventory, version verification, and upgrading or otherwise mitigating affected installations according to Apache’s guidance. Teams should also review application and network logs for exploitation attempts, restrict unnecessary outbound connections, and investigate systems that may have processed malicious lookups. If compromise is suspected, response may require isolating the host and rotating credentials or secrets accessible to the affected process.
Weekly headline count for the current query.
Software supply chain security was hard enough. Then AI joined the build pipeline
In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and
The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network
The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year
Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server
A threat actor associated with the LockBit 3.0 ransomware-as-a-service (RaaS) operation has been observed abusing the Windows Defender command-line tool to decrypt and load Cobalt Strike payloads. According to a report published by SentinelOne last week, the incident occurred after obtaining initial access via the Log4Shell vulnerability against an unpatched VMware Horizon Server
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of threat actors to exploit the Log4Shell flaw in VMware Horizon servers to breach target networks
The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped (aka Manuscrypt) implant against targets located in its southern counterpart
Log4Shell, ProxyShell, ProxyLogon, ZeroLogon, and flaws in Zoho ManageEngine AD SelfService Plus, Atlassian Confluence, and VMware vSphere Client emerged as some of the top exploited security vulnerabilities in 2021
The "hotpatch" released by Amazon Web Services (AWS) in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host
A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected machines with the goal of stealing sensitive data
Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed before it was discovered. The past couple of months have had security teams scrambling to patch the Log4Shell vulnerability found in Apache Log4j, a Java library widely used to log error messages in applications. Beyond patching, it's helpful