Twitter
Twitter
Facebook
Kaspersky Partner
Twitter
Facebook
Kaspersky Partner

Virus | malwares | cyberintrusion

The Log4Shell Vulnerability – explained: how to stay secure


mardi 21 décembre 2021

The Log4Shell Vulnerability – explained: how to stay secure from Kaspersky

On December 9th, researchers uncovered a zero-day critical vulnerability in the Apache Log4j library used by millions of Java applications. CVE-2021-44228 or “Log4Shell” is a RCE vulnerability that allows attackers to execute arbitrary code and potentially take full control over an infected system. The vulnerability has been ranked a 10/10 on the CVSSv3 severity scale.

While the Apache Foundation has already released a patch for this CVE, it can take weeks or months for vendors to update their software, and there are already widespread scans being conducted by malicious attackers to exploit Log4Shell.

What should companies or organizations do?
Join Marco Preuss, Head of Europe’s Global Research and Analysis (GReAT) team, Marc Rivero and Dan Demeter, Senior Security Researchers with GReAT, for an in-depth discussion on Log4Shell and a live Q&A session.

The Log4Shell Vulnerability – explained: how to stay secure from Kaspersky
To see the full webinar, please visit :


maj : 22.12.21


maj : 30.12.21

  • Log4Shell is an improper input validation vulnerability. Its exploitation could lead to confidential data leakage, denial-of-service, and remote code execution attack scenarios. Essentially, if there is an application running on the network that handles data received from an untrusted source and logs some of that data using a vulnerable version of Log4j, you potentially have malicious code execution in the context of that application.
    • To be vulnerable, an application does not have to accept input directly from a malicious party (i.e., it does not have to be a vulnerable internet-facing service, such as an Apache web server). It could well be a business or industrial application running on the network, which in some way, e.g., through a chain of other applications and/or data storages, accepts a string that originally came from an untrusted source.
    • In this case, the only condition that has to be satisfied for a vulnerable application to be exposed to an attack is that the application should have access to a server controlled by the attacker. It could be a server accessible over the internet (the most common scenario) or a compromised host on the attacked network (e.g., in the case of a targeted attack).
      …/…
  • https://ics-cert.kaspersky.com/reports/2021/12/30/log4shell-at-industrial-enterprises/

 

Views: 0

The Log4Shell Vulnerability – explained: how to stay secure

The Log4Shell Vulnerability – explained: how to stay secure from Kaspersky

On December 9th, researchers uncovered a zero-day critical vulnerability in the Apache Log4j library used by millions of Java applications. CVE-2021-44228 or “Log4Shell” is a RCE vulnerability that allows attackers to execute arbitrary code and potentially take full control over an infected system. The vulnerability has been ranked a 10/10 on the CVSSv3 severity scale.

While the Apache Foundation has already released a patch for this CVE, it can take weeks or months for vendors to update their software, and there are already widespread scans being conducted by malicious attackers to exploit Log4Shell.

What should companies or organizations do?
Join Marco Preuss, Head of Europe’s Global Research and Analysis (GReAT) team, Marc Rivero and Dan Demeter, Senior Security Researchers with GReAT, for an in-depth discussion on Log4Shell and a live Q&A session.

The Log4Shell Vulnerability – explained: how to stay secure from Kaspersky
To see the full webinar, please visit :


maj : 22.12.21


maj : 30.12.21

  • Log4Shell is an improper input validation vulnerability. Its exploitation could lead to confidential data leakage, denial-of-service, and remote code execution attack scenarios. Essentially, if there is an application running on the network that handles data received from an untrusted source and logs some of that data using a vulnerable version of Log4j, you potentially have malicious code execution in the context of that application.
    • To be vulnerable, an application does not have to accept input directly from a malicious party (i.e., it does not have to be a vulnerable internet-facing service, such as an Apache web server). It could well be a business or industrial application running on the network, which in some way, e.g., through a chain of other applications and/or data storages, accepts a string that originally came from an untrusted source.
    • In this case, the only condition that has to be satisfied for a vulnerable application to be exposed to an attack is that the application should have access to a server controlled by the attacker. It could be a server accessible over the internet (the most common scenario) or a compromised host on the attacked network (e.g., in the case of a targeted attack).
      …/…
  • https://ics-cert.kaspersky.com/reports/2021/12/30/log4shell-at-industrial-enterprises/

 

Views: 0

The Log4Shell Vulnerability – explained: how to stay secure

The Log4Shell Vulnerability – explained: how to stay secure from Kaspersky

On December 9th, researchers uncovered a zero-day critical vulnerability in the Apache Log4j library used by millions of Java applications. CVE-2021-44228 or “Log4Shell” is a RCE vulnerability that allows attackers to execute arbitrary code and potentially take full control over an infected system. The vulnerability has been ranked a 10/10 on the CVSSv3 severity scale.

While the Apache Foundation has already released a patch for this CVE, it can take weeks or months for vendors to update their software, and there are already widespread scans being conducted by malicious attackers to exploit Log4Shell.

What should companies or organizations do?
Join Marco Preuss, Head of Europe’s Global Research and Analysis (GReAT) team, Marc Rivero and Dan Demeter, Senior Security Researchers with GReAT, for an in-depth discussion on Log4Shell and a live Q&A session.

The Log4Shell Vulnerability – explained: how to stay secure from Kaspersky
To see the full webinar, please visit :


maj : 22.12.21


maj : 30.12.21

  • Log4Shell is an improper input validation vulnerability. Its exploitation could lead to confidential data leakage, denial-of-service, and remote code execution attack scenarios. Essentially, if there is an application running on the network that handles data received from an untrusted source and logs some of that data using a vulnerable version of Log4j, you potentially have malicious code execution in the context of that application.
    • To be vulnerable, an application does not have to accept input directly from a malicious party (i.e., it does not have to be a vulnerable internet-facing service, such as an Apache web server). It could well be a business or industrial application running on the network, which in some way, e.g., through a chain of other applications and/or data storages, accepts a string that originally came from an untrusted source.
    • In this case, the only condition that has to be satisfied for a vulnerable application to be exposed to an attack is that the application should have access to a server controlled by the attacker. It could be a server accessible over the internet (the most common scenario) or a compromised host on the attacked network (e.g., in the case of a targeted attack).
      …/…
  • https://ics-cert.kaspersky.com/reports/2021/12/30/log4shell-at-industrial-enterprises/

 

Views: 0