US orders federal govt agencies to patch critical Log4j bug
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days.
The order comes through an emergency directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) today.
This is not surprising given the risk that the ongoing exploitation of this vulnerability poses, and given that the security flaw (tracked as CVE-2021-44228) has also recently been added to the Known Exploited Vulnerabilities Catalog, which also required expedited action to mitigate the bug by December 24.
“To be clear, this vulnerability poses a severe risk. We will only minimize potential impacts through collaborative efforts between government and the private sector. We urge all organizations to join us in this essential effort and take action,” CISA Director Jen Easterly said at the time.
The new emergency directive (ED 22-02) further requires federal agencies to find all Internet-exposed devices vulnerable to Log4Shell exploits and to patch them if a patch is available, mitigate the risk of exploitation, or remove vulnerable software from their networks by December 23.
CISA also says that all devices running software vulnerable to Log4Shell attacks should be assumed to be already compromised and requires looking for signs of post-exploitation activity and monitoring for any suspicious traffic patterns.
The federal agencies were also given five more days, until December 28, to report all affected Java products on their networks, including application and vendor names, the app’s version, and the action taken to block exploitation attempts.
“Although ED 22-02 applies to FCEB agencies, CISA strongly recommends that all organizations review ED 22-02 for mitigation guidance,” CISA added today.
We are working with key private & public partners via #JCDC & federal partners like @FBI & @NSACyber to manage this evolving threat. We will continue to update our consolidated Log4j webpage with the latest info to help all orgs reduce their risk:
Earlier this week, CISA published a dedicated page with technical details regarding the Log4Shell flaw and patching information for impacted organizations.
CISA asks organizations to upgrade to Log4j version 2.16.0 or immediately apply appropriate vendor-recommended mitigations.
The list of actions for organizations using products exposed to attacks using Log4Shell exploits includes:
CISA’s push for urgently patching systems vulnerable to Log4Shell attacks follows threat actors’ head start in exploiting Log4Shell-vulnerable systems to deploy malware.
As we previously reported, these attacks have been orchestrated by financially-motivated attackers who injected Monero miners, state-backed hackers, and even ransomware gangs [1, 2].
Following reporting of Log4Shell’s ongoing exploitation in widespread attacks, we have also published several dedicated articles sharing a list of vulnerable products and vendor advisories, the reason why you must upgrade to Log4j 2.16.0 immediately, as well as more information on the Log4Shell vulnerability.