Connect with us

Hi, what are you looking for?

News

Widely used software with key vulnerability sends cyber defenders scrambling

WASHINGTON – A newly discovered vulnerability in a widely used software library is causing mayhem on the internet, forcing cyber defenders to scramble as hackers rush to exploit the weakness.

The vulnerability, known as Log4j, comes from a popular open source product that helps software developers track changes in applications that they build. It is so popular and embedded across many companies’ programs that security executives expect widespread abuse.

“The Apache Log4j Remote Code Execution Vulnerability is the single biggest, most critical vulnerability of the last decade,” said Amit Yoran, chief executive of Tenable, a network security firm, and the founding director of the U.S. Computer Emergency Readiness Team.

The U.S. government sent a warning to the private sector about the Log4j vulnerability and the looming risk it poses on Friday.

In a conference call on Monday, the leader of CISA said it was one of the worst vulnerabilities seen in many years. She urged companies to have staff working through the holidays to battle those using new methods to exploit the flaw.

Much of the software affected by Log4j, which bears names like Hadoop or Solr, may be unfamiliar to the public at large. But as with the SolarWinds program at the center of a massive Russian espionage operation last year, the ubiquity of these workhorse programs makes them ideal jumping-off points for digital intruders.

Juan Andres Guerrero-Saade, principal threat researcher with cybersecurity firm SentinelOne, called it “one of those nightmare vulnerabilities that there’s pretty much no way to prepare for.”

While a partial fix for the vulnerability was released on Friday by Apache, the maker of Log4j, affected companies and cyber defenders will need time to locate the vulnerable software and properly implement patches. Log4j itself is maintained by a few volunteers, security experts said.

In practice, the flaw allows an outsider to enter active code into the record-keeping process. That code then tells the server hosting the software to execute a command giving the hacker control.

The issue was first publicly disclosed by a security researcher working for Chinese technology company Alibaba Group Holding Ltd, Apache noted in its security advisory.

It is now apparent that initial exploitation was spotted Dec. 2, before a patch rolled out a few days later. The attacks became much more widespread as people playing Minecraft used it to take control of servers and spread the word in gaming chats.

So far no major disruptive cyber incidents have been publicly documented as a result of the vulnerability, but researchers are seeing an alarming uptick in hacking groups trying to take advantage of the bug for espionage.

“We also expect to see this vulnerability in everyone’s supply chain,” said Chris Evans, chief information security officer at HackerOne.

Multiple botnets, or groups of computers controlled by criminals, were also exploiting the flaw in a bid to add more captive machines, experts tracking the developments said.

What many experts now fear is that the bug could be used to deploy malware that either destroys data or encrypts it, like what was used against U.S. pipeline operator Colonial Pipeline of gasoline in some parts of the United States.

Guerrero-Saade said his firm had already seen Chinese hacking groups moving to take advantage of the vulnerability.

U.S. cybersecurity firms Mandiant and Crowdstrike also said they found sophisticated hacking groups leveraging the bug to breach targets. Mandiant described those hackers as “Chinese government actors” in an email to Reuters. – Reuters

Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

Latest

News

BW FILE PHOTO THE PESO continued to strengthen against the dollar on Thursday following remarks from the US Federal Reserve chief that cemented market...

News

BW FILE PHOTO SHARES closed lower on Thursday on profit taking amid hints of slower rate hikes from the US Federal Reserve and inflation...

News

DA.GOV.PH THE government wants to keep its low-cost Kadiwa food outlets in operation until February or March, when it expects food inflation to ease,...

News

NGCP.PH THE National Grid Corp. of the Philippines (NGCP) issued a yellow alert over the Luzon grid on Thursday after five power plants experienced...

News

PHILIPPINE STAR/ MIGUEL DE GUZMAN SETBACKS to the education system will require remedies which are expected to cost P25 billion a year, just to...

News

By Luisa Maria Jacinta C. Jocson, Reporter THE Philippines placed 19th out of 120 countries in the Open Budget survey, which gauges the transparency...

You May Also Like

News

BW FILE PHOTO GROSS BORROWINGS by the National Government reached P2.6 trillion as of end-September as it continued to raise funds to respond to...

News

REUTERS By Luz Wendy T. Noble, Reporter The country’s foreign exchange buffers slightly increased as of end-October as the value of the central bank’s...

News

KARASOLAR.COM TENA, Ecuador — Ecuador’s rainforest Achuar people say their ancestors long dreamed of a “fire canoe” or “electric fish” that would let them...

News

COVID-19 has had a significant impact on the mental health of Filipinos across different groups all over the archipelago. From frontline workers, parents balancing...

Disclaimer: Respect Investment.com, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2022 Respect Investment. All Rights Reserved.