Home » Breaking Computer security Device security Latest Cybersecurity News Windows security

Third-patch is released to fix the critical Apache Log4j Vulnerability

William Marshal Posted On December 19, 2021
0


Apache Log4j Vulnerability

Apache Software Foundation(ASF) has released another patch for Log4j vulnerability and the version is 2.17.0. If not patched, the vulnerability tracked as CVE-2021-45105 could be exploited for Denial-of-Service (DoS) attack.

Log4J continues to annoy and threaten IT community, and this new vulnerability is currently affecting all tools from 2.0 beta9 to 2.16.0, meaning the recent patch released by Apache to fix the remote code execution (CVE-2021-45046) and Apache Log4Shell Vulnerability (CVE-2021-44228).  A security researcher named Hideki Okamoto of Akamai Technologies is the one who identified the recent vulnerability and reported it.

Apache Log4j Vulnerability and the risks

The vulnerability for DoS bug has been escalated from 3.7 to 9.0 as the attacker can create a specially crafted string that can access the data and perform remote code execution in certain environments. The CISA also issued an emergency directive to the federal organizations and agencies to patch the Apache Log4J vulnerability immediately before Dec 23, 2021.

States sponsored hackers from Iran, China, North Korea and Turkey along with Conti Ransomware Gang were found exploiting the Apache Log4J vulnerability by exploiting the RMI maneuver and few mining Monero. And researchers have identified these threats to be the first sophisticated crime-ware cartel act. The current vulnerability allows Conti Ransomware Group to exploit the Log4j 2 VMware vCenter for moving laterally within the compromised network thus leveraging the Cobalt Strike Sessions.

While we already discussed about the Monero mining in our recent post on LDAP to RMI switch, the other exploiters of this vulnerability are botnets, remote access trojans, ransomware strain called Khonsari. Check Point said it has found around 3.7 million exploitation attempts regarding Apache Log4j vulnerability and 46% of those attempts are from known threat actors.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.

You can reach out to us via Twitter or Facebook, for any advertising requests.

Share the article with your friends




Author

William Marshal

William has been one of the key contributors to 'The Cybersecurity Times' with 9.5 years of experience in the cybersecurity journalism. Apart from writing, he also like hiking, skating and coding.

You may also like
Log4j Vulnerability exploiters evolve the attack vector to mine Monero
December 17, 2021
Leave A Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.