We have observed many existing attackers adding exploits of these vulnerabilities in their existing malware kits and tactics, from coin miners to hands-on-keyboard attacks. In January, we started seeing attackers taking advantage of the vulnerabilities in internet-facing systems, eventually deploying ransomware. There is high potential for the expanded use of the vulnerabilities. Sophisticated adversaries (like nation-state actors) and commodity attackers alike have been observed taking advantage of these vulnerabilities. Microsoft has observed attackers using many of the same inventory techniques to locate targets. Customers are encouraged to utilize scripts and scanning tools to assess their risk and impact. By nature of Log4j being a component, the vulnerabilities affect not only applications that use vulnerable libraries, but also any services that use these applications, so customers may not readily know how widespread the issue is in their environment. This open-source component is widely used across many suppliers’ software and services. Janurecap – The Log4j vulnerabilities represent a complex and high-risk situation for companies across the globe.
0 Comments
Leave a Reply. |