Apache Log4j
Dec. 13th, 2021 11:19 pm
Apache Log4j - we are starting to eat shit BY THE FULL SPOON, WITH A LADLE THIS BIG.
https://kb.vmware.com/s/article/87081
https://kb.vmware.com/s/article/87088
And that is only what is right in front of me.
The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said.
According to Microsoft researchers, beyond coin-miners, they’ve also seen installations of Cobalt Strike, which attackers can use to steal passwords, creep further into compromised networks with lateral movement and exfiltrate data.
Attackers have been buzzing around the Log4Shell vulnerability since at least Dec. 1, it turns out, and as soon as CVE-2021-44228 was publicly disclosed late last week, attackers began to swarm around honeypots.
https://threatpost.com/apache-log4j-log4shell-mutations/176962/
https://community.commvault.com/technical-q-a-2/log4j-been-used-in-commvault-1985
https://documentation.commvault.com/v11/essential/146231_security_vulnerability_and_reporting.html
In short, only an air gap / dedicated, physically isolated management networks and workstations. That is the only way.
no subject
Date: 2021-12-14 05:05 am (UTC)
Thank God, there are neither Apaches nor Tomcats in my department's line.
no subject
Date: 2021-12-14 11:09 am (UTC)
A typical Day of Infamy...