CISA orders federal agencies to patch Log4Shell by December 24th
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch systems against the critical Log4Shell vulnerability and released mitigation guidance in response to active exploitation.
This follows threat actors’ head start in scanning for and exploiting Log4Shell vulnerable systems to deploy malware.
Even though Apache quickly released a patch to address the maximum severity remote code execution flaw (CVE-2021-44228) targeted by exploits publicly released on Friday, it only happened after attackers began deploying the exploits in the wild.
Since Apache Log4j is a ubiquitous dependency for enterprise applications and websites, it’s highly likely that its ongoing exploitation will eventually lead to widespread attacks and malware deployment.
We have also published an article with a list of vulnerable products and vendor advisories and more information on the Log4Shell vulnerability.
CISA has now created a dedicated page with technical details about the Apache Log4j logging library flaw and patching information for vendors and impacted organizations.
“CISA urges organizations to review its Apache Log4j Vulnerability Guidance webpage and upgrade to Log4j version 2.15.0, or apply the appropriate vendor recommended mitigations immediately,” the cybersecurity agency said.
The list of actions all organizations using products exposed to attacks by the Log4j library includes:
Besides patching all products using the vulnerable library, CISA also recommends taking three additional, immediate steps: enumerating internet-facing endpoints that use Log4j, ensuring that SOCs act on every alert on Internet-exposed devices, and installing a web application firewall (WAF) that automatically updates with the latest rules.
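One way to start the enumeration and patching steps above is to inventory the log4j-core JARs present on a host, including copies bundled inside WAR, EAR, or fat JAR archives, and flag any 2.x version older than 2.15.0. This is an added example, not code from CISA or from the article; the function names are hypothetical, and it assumes JARs keep the standard `log4j-core-<version>.jar` file name, so renamed or shaded copies are not detected.

```python
import io
import os
import re
import zipfile

FIXED = (2, 15, 0)  # version the CISA guidance quoted above says to upgrade to
JAR_RE = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/]*\.jar$")
ARCHIVE_EXT = (".jar", ".war", ".ear")

def _check(name, label, findings):
    """Record the entry if its file name is a log4j-core 2.x JAR older than FIXED."""
    m = JAR_RE.search(name.replace("\\", "/"))
    if m:
        version = tuple(int(g or 0) for g in m.groups())
        if version[0] == 2 and version < FIXED:
            findings.append((label, ".".join(map(str, version))))

def _scan_archive(data, label, findings, depth=0):
    """Look inside a JAR/WAR/EAR for bundled log4j-core JARs (fat jars, WEB-INF/lib)."""
    if depth > 3:  # bound recursion into nested archives
        return
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for name in zf.namelist():
                _check(name, f"{label}!{name}", findings)
                if name.lower().endswith(ARCHIVE_EXT):
                    _scan_archive(zf.read(name), f"{label}!{name}", findings, depth + 1)
    except zipfile.BadZipFile:
        pass  # not a readable archive; the file name check has already run

def find_outdated_log4j(root):
    """Return sorted (location, version) pairs for log4j-core 2.x older than FIXED."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            _check(fname, path, findings)
            if fname.lower().endswith(ARCHIVE_EXT):
                with open(path, "rb") as fh:
                    _scan_archive(fh.read(), path, findings)
    return sorted(findings)

def make_constructed_sample(root):
    """Constructed test data: empty stand-in JARs, one bundled inside a WAR."""
    for name in ("log4j-core-2.14.1.jar", "log4j-core-2.15.0.jar"):
        zipfile.ZipFile(os.path.join(root, name), "w").close()
    with zipfile.ZipFile(os.path.join(root, "app.war"), "w") as war:
        war.writestr("WEB-INF/lib/log4j-core-2.11.2.jar", b"")  # placeholder bytes
```

Run `find_outdated_log4j` against application and deployment directories; locations containing `!` are entries nested inside another archive, which means the enclosing application has to be rebuilt or patched by its vendor.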
We’re working closely with our public and private sector partners to address a critical vulnerability affecting the Apache log4j #software library. This vulnerability is being widely exploited by threat actors and presents an urgent challenge to patch: https://t.co/utbcDZBtPv
1/2
On December 10, the day Log4Shell exploits were published online, CISA also added the CVE-2021-44228 Apache Log4j vulnerability to the Known Exploited Vulnerabilities Catalog.
This is a catalog of hundreds of exploited security vulnerabilities exposing government networks to significant risks if successfully exploited by threat actors.
In accordance with BOD 22-01 (Reducing the Significant Risk of Known Exploited Vulnerabilities) issued in November, all federal civilian executive branch agencies must now mitigate Log4Shell on internet-facing and non-internet-facing federal information systems by December 24, 2021.
“CISA is working closely with our public and private sector partners to proactively address a critical vulnerability affecting products containing the log4j software library. This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use,” CISA Director Jen Easterly said in a statement issued over the weekend.
“To be clear, this vulnerability poses a severe risk. We will only minimize potential impacts through collaborative efforts between government and the private sector. We urge all organizations to join us in this essential effort and take action.”
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved