Third patch released to fix the critical Apache Log4j vulnerability

The Apache Software Foundation (ASF) has released another patch for the Log4j vulnerability, version 2.17.0. If left unpatched, the vulnerability, tracked as CVE-2021-45105, could be exploited for a denial-of-service (DoS) attack.

Log4j continues to annoy and threaten the IT community. This new vulnerability affects all versions from 2.0-beta9 to 2.16.0, which includes the recent patch Apache released to fix the remote code execution flaw (CVE-2021-45046) and the Apache Log4Shell vulnerability (CVE-2021-44228). Hideki Okamoto, a security researcher at Akamai Technologies, identified and reported the new vulnerability.
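A defender's inventory check for the version range stated above, as an added example that is not part of the original article: it classifies `log4j-core` jar filenames against the 2.0-beta9 to 2.16.0 range. The file paths are constructed samples, the function names are hypothetical, and matching on the conventional `log4j-core-<version>.jar` filename is an assumption.

```python
import re

# Range as stated in the article: 2.0-beta9 through 2.16.0 affected, fixed in 2.17.0.
# Releases the article does not mention must be checked against the vendor advisory.
FIRST_AFFECTED = "2.0-beta9"
LAST_AFFECTED = "2.16.0"
JAR_RE = re.compile(r"log4j-core-(\d+(?:\.\d+){1,2}(?:-(?:alpha|beta|rc)\d+)?)\.jar$", re.I)
_PRE_RANK = {"alpha": 0, "beta": 1, "rc": 2}

def version_key(version):
    """Sortable key: numeric parts padded to three, then pre-release rank (final sorts last)."""
    base, _, pre = version.lower().partition("-")
    nums = [int(p) for p in base.split(".")]
    nums += [0] * (3 - len(nums))
    if pre:
        kind, num = re.fullmatch(r"(alpha|beta|rc)(\d+)", pre).groups()
        return (*nums, _PRE_RANK[kind], int(num))
    return (*nums, 3, 0)

def is_affected(version):
    return version_key(FIRST_AFFECTED) <= version_key(version) <= version_key(LAST_AFFECTED)

def classify(paths):
    """Map each log4j-core jar path to (version, affected?); other files are skipped."""
    findings = {}
    for path in paths:
        m = JAR_RE.search(path.replace("\\", "/"))
        if m:
            findings[path] = (m.group(1), is_affected(m.group(1)))
    return findings

# Constructed sample inventory (not from the article).
SAMPLE_PATHS = [
    "/opt/app/lib/log4j-core-2.14.1.jar",
    "/opt/app/lib/log4j-api-2.14.1.jar",
    "/srv/legacy/WEB-INF/lib/log4j-core-2.0-beta9.jar",
    "/srv/legacy/WEB-INF/lib/log4j-core-2.0-beta8.jar",
    "C:\\tools\\lib\\log4j-core-2.16.0.jar",
    "/opt/patched/lib/log4j-core-2.17.0.jar",
    "/opt/old/lib/log4j-1.2.17.jar",
]

if __name__ == "__main__":
    for path, (version, affected) in classify(SAMPLE_PATHS).items():
        print(f"{'AFFECTED' if affected else 'ok':8}  {version:12} {path}")
```

This check looks only at filenames, so a copy of the library bundled inside a shaded or fat jar will not be found and needs a scan of archive contents.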

Apache Log4j Vulnerability and the risks

The severity of the DoS bug has been escalated from 3.7 to 9.0, as an attacker can create a specially crafted string that can access data and perform remote code execution in certain environments. CISA also issued an emergency directive to federal organizations and agencies to patch the Apache Log4j vulnerability immediately, before Dec 23, 2021.

State-sponsored hackers from Iran, China, North Korea and Turkey, along with the Conti ransomware gang, were found exploiting the Apache Log4j vulnerability through the RMI maneuver, with a few mining Monero. Researchers have identified these threats as the first sophisticated crimeware cartel act. The current vulnerability allows the Conti ransomware group to exploit Log4j 2 in VMware vCenter to move laterally within the compromised network, leveraging Cobalt Strike sessions.

We already discussed the Monero mining in our recent post on the LDAP-to-RMI switch. The other exploiters of this vulnerability are botnets, remote access trojans and a ransomware strain called Khonsari. Check Point said it has found around 3.7 million exploitation attempts against the Apache Log4j vulnerability, and 46% of those attempts are from known threat actors.

William Marshal

William has been one of the key contributors to 'The Cybersecurity Times', with 9.5 years of experience in cybersecurity journalism. Apart from writing, he also likes hiking, skating and coding.
