GreenPages Blog


New Zero-Day Vulnerability Apache Log4Shell

What We Know
A new critical zero-day vulnerability has been detected. It is widely distributed and easily exploitable, and it allows attackers to gain full control over affected servers. The vulnerability was identified in Apache Log4j 2, an open-source Java package used to enable logging in many popular applications. The issue can allow remote access to your computer through public servers you access that run the Apache Log4j Java-based logging library.

This vulnerability (CVE-2021-44228) has received the maximum severity rating of 10 on the Common Vulnerability Scoring System scale and has been dubbed “Log4Shell.” It has already been targeted in the wild and can be used against anything from enterprise software to web apps and products from Apple, Amazon, Cloudflare, Twitter, and Steam. These efforts will continue and expand, so addressing the vulnerability as soon as possible is critical.

To remediate this vulnerability, the Apache Software Foundation (ASF) says that “this behavior can be mitigated by setting system property 'log4j2.formatMsgNoLookups' to 'true' or by removing the JndiLookup class from the classpath.” Updating log4j-core.jar to version 2.15.0, which was released on Saturday, fixes the problem: https://logging.apache.org/log4j/2.x/security.html
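To find which copies of log4j-core on a server still need one of these remediations, the sketch below (an added example, not code from GreenPages or the ASF) walks a directory, opens each archive including nested ones, and reports the bundled log4j-core version and whether the JndiLookup class is still present. The status labels and the recursion limit are assumptions of this example; the `log4j2.formatMsgNoLookups` property is a runtime setting and cannot be seen from the files on disk.

```python
import io
import re
import sys
import zipfile
from pathlib import Path

# Real paths inside log4j-core 2.x jars.
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
FIXED = (2, 15, 0)  # fixed release named in this post; Apache's security page lists the current one
ARCHIVES = (".jar", ".war", ".ear")


def parse_version(text):
    """Return (major, minor, patch) from a pom.properties body, or None."""
    m = re.search(r"^version=(\d+)\.(\d+)(?:\.(\d+))?", text, re.MULTILINE)
    return tuple(int(g or 0) for g in m.groups()) if m else None


def inspect_archive(data, name, depth=0):
    """Yield (location, version, has_jndi, status) per log4j-core copy, nested archives included."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return
    with zf:
        names = set(zf.namelist())
        has_jndi = JNDI_CLASS in names
        version = None
        if POM_PROPS in names:
            version = parse_version(zf.read(POM_PROPS).decode("utf-8", "replace"))
        if version and version >= FIXED:
            yield name, version, has_jndi, "updated"
        elif version and not has_jndi:
            yield name, version, has_jndi, "mitigated: JndiLookup removed"
        elif has_jndi:
            yield name, version, has_jndi, "VULNERABLE" if version else "review: version unknown"
        if depth < 3:  # fat jars and WARs bundle log4j-core; bound the recursion
            for n in sorted(names):
                if n.lower().endswith(ARCHIVES):
                    yield from inspect_archive(zf.read(n), f"{name}!{n}", depth + 1)


if __name__ == "__main__":
    root = Path(sys.argv[1] if len(sys.argv) > 1 else ".")
    for p in root.rglob("*"):
        if p.is_file() and p.suffix.lower() in ARCHIVES:
            for hit in inspect_archive(p.read_bytes(), str(p)):
                print(*hit, sep="\t")
```

Run it with the directory to scan as the only argument; each hit is printed as a tab-separated line, with `!` separating an outer archive from the jar nested inside it.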

GreenPages will continue to monitor and provide further updates on remediation efforts for this critical vulnerability.

Here are additional resources for further insight:

https://www.zdnet.com/article/security-warning-new-zero-day-in-the-log4j-java-library-is-already-being-exploited/

https://www.bleepingcomputer.com/news/security/new-zero-day-exploit-for-log4j-java-library-is-an-enterprise-nightmare/

GreenPages stands ready to help you mitigate the above vulnerability and other risks. At present we recommend:

  • Following the remediation recommendations provided here immediately: https://logging.apache.org/log4j/2.x/security.html

  • Implementing strong passwords and enabling Multi-factor Authentication (MFA)

  • Understanding your network environment and having strong asset and change management disciplines and governance

  • Developing a strong patch and vulnerability management program and keeping all systems and network devices up to date

  • Implementing modern security monitoring techniques including MDR, XDR, and SOC/SIEM services

If you need help with this security threat, please reach out to your GreenPages Account Manager or contact us.
