NEWS

Log4j clean-up is still ongoing for many organizations

By VARINDIA - 2022-02-04

For most, the question of - if they have caught all possible instances of Log4j is really the biggest question. The Log4j vulnerabilities were not something you could resolve with a simple update. It is a messaging component built into a variety of web services and vendor applications. It was difficult to detect in many cases, so code scanners and network vulnerability scanners struggled to accurately identify exposure. Organizations that were able to respond quickly found that truly understanding their exposure required rolling up their sleeves.

They quickly assessed their internal development teams for use of Log4j and their vendor risk management process to determine what vendors they were consuming solutions from and assessing each to determine if they were exposed. As an additional step, security teams also utilized a variety of custom scanners purpose-built to scan for the Log4j binaries. This is crucial given Log4j was buried in many cases in a few layers of JAR files which was throwing many vulnerability scanners off.

The vulnerability caused a new plague, impacting almost half of all companies worldwide in a very short space of time. Attackers are able to exploit vulnerable apps to execute cryptojackers and other malware on compromised servers. Until now, most of the attacks have focused on the use of cryptocurrency mining at the expense of the victims. However, advanced attackers have started to act aggressively and take advantage of the breach on high-quality targets.

Microsoft Exchange administrators got a new year’s surprise as on-premises Exchange servers started experiencing email becoming stuck as queues ran into a date format issue in the Filtering Management Service. Guidance quickly became available on January 1, 2022, as email stuck in transport queues quickly got backed up .

A report says, about 66% of organizations in India have suffered at least one data breach since shifting to a remote working model. With the global pandemic acting as an accelerant, digital transformation across the verticals has gained new momentum, seeing rapid adoption of digital technology within the sector. India is ranked third in the world among the top 20 countries being victimized by cyber-crimes.

As the cost of recovering data from various cyber-attacks has been skyrocketing, companies are taking precautionary measures to safeguard data. About 66% Indian companies reported at least one data breach since shifting to a work-from-home setup. 1,055 business decision-makers across Australia, New Zealand, Singapore, Hong Kong, and India took the survey to report security challenges they faced since going remote. Over 65% Indian companies reported an increase in email phishing attacks.

The survey revealed that nearly half the respondents did not have up-to-date cybersecurity systems to handle vulnerabilities posed by full-time remote working. Finally, logging untrusted or user-controlled data with a vulnerable version of Log4J may result in Remote Code Execution (RCE) against your application. This includes untrusted data provided in logged errors such as exception traces, authentication failures, and other unexpected vectors of user-controlled input.