Updated 2 years ago

ICY ROADS AHEAD…
40% OF CORP NETWORKS UNDER ATTACK…
THE LAST ONE OF THIS STATURE CAUSED THE EQUIFAX BREACH…
LIKE COVID, THIS WILL BE WITH US FOR YEARS
TL;DR – The Java deserialization bug stems from Log4j making network requests through JNDI to an LDAP server and executing any code that’s returned. The bug is triggered by log messages that use the ${} syntax.
“This is a level 10, should scare the pants off everybody moment.”
Attackers are actively exploiting the issue, with Check Point Software reporting Monday afternoon that it was seeing a “pandemic-like spread” of attacks since last week, with more than 800,000 attempted attacks in 72 hours, and about 100 hacks a minute. Check Point said more than 40 percent of corporate networks worldwide were coming under attack.
“The issue can allow remote access to your computer through the servers you log into,” site representatives wrote. “That means any public server you go onto creates a risk of being hacked.”

Log4j is like salt.
“If I asked you, ‘hey show me the salt you have in your house,’ you would probably walk up to the salt you have sitting on the table, maybe some you have hidden in the cabinet,” Cofrancesco said. “What you probably wouldn’t do is show me ‘hey, here’s my Panera sandwich, or here’s the soup I have, or here’s the juice I have, my Powerade.’ All those other things have salt in it, it’s just obscured by the fact that there are a bunch of other ingredients. That is precisely what is going on here.”
https://thehill.com/policy/cybersecurity/585643-cyber-experts-express-growing-alarm-over-apache-vulnerability
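The salt analogy in practice, as an added example that is not from the original article: a Python inventory scan that looks inside archives, and inside the archives nested within them, for the log4j-core class that performs the JNDI lookup. The class path is the one shipped in log4j-core 2.x; the extension list, depth limit and function names are assumptions made for this example.

```python
import io
import sys
import zipfile
from pathlib import Path

# log4j-core 2.x class that performs the JNDI lookup. Matching on the path
# suffix also catches copies under WEB-INF/classes/ or a relocated package.
MARKER_SUFFIX = "log4j/core/lookup/JndiLookup.class"
ARCHIVE_EXTS = (".jar", ".war", ".ear", ".zip")  # assumed set of containers
MAX_DEPTH = 6  # assumed cap so pathological nesting cannot recurse forever


def scan_archive(data, label, depth=0):
    """Return 'outer!/inner' style paths of every archive holding the class."""
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                name = info.filename
                if name.endswith(MARKER_SUFFIX):
                    hits.append(label)
                elif name.lower().endswith(ARCHIVE_EXTS) and depth < MAX_DEPTH:
                    nested = f"{label}!/{name}"
                    hits += scan_archive(zf.read(info), nested, depth + 1)
    except (zipfile.BadZipFile, RuntimeError):
        pass  # unreadable or encrypted archive: report what was found so far
    return hits


def scan_tree(root):
    """Walk a directory tree and scan every archive file under it."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in ARCHIVE_EXTS:
            hits += scan_archive(path.read_bytes(), str(path))
    return hits


def make_zip(entries):
    """Build an in-memory archive from {name: bytes} (constructed samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


if __name__ == "__main__":
    for hit in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("log4j-core JndiLookup found in:", hit)
```

A hit identifies which outer artifact carries the library, which is the "sandwich" an inventory by package name alone would miss.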
Apache on Wikipedia
