A software vulnerability in common computer networks is being compared to a “cyber epidemic” by security analysts and the government.
The vulnerability, called Log4Shell and known as a “zero-day vulnerability,” is in Apache software that is used in tens of thousands of computer networks around the world.
The discovery of the vulnerability last week sparked an international effort to patch the hole to prevent hackers from stealing valuable sensitive information.
“To be clear, this vulnerability poses a serious risk,” said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA) in the Department of Homeland Security.
“We will only minimize potential impacts through collaborative efforts between government and the private sector. We call on all organizations to join us and take action in this important effort,” she said in a statement on Saturday.
Other cybersecurity experts call Log4Shell the most serious software vulnerability in history.
Security firm Check Point Research described the vulnerability as a “true cyber epidemic.” The firm said that hackers who exploited the vulnerability had infiltrated more than 800,000 networks by December 11, two days after the software issue was disclosed.
The affected Apache software is widely used in various consumer and corporate services, websites and applications, along with operational technology products. The software is used to monitor security and performance information, and the flaw allows hackers to take control of affected systems, steal information or plant other malware.
CISA did not disclose the actors who exploited the vulnerability. CISA director Ms Easterly only noted that the flaw was “widely exploited by a growing array of threat actors.”
The discovery was initially suspected to involve Chinese hackers.
However, security firm McAfee stated that the flaw was first discovered on November 24 by Chen Zhaojun of China’s Alibaba Cloud Security Team.
Other security experts who suspect that China is behind the attacks say Beijing may have previously disclosed the flaw to protect other zero-day vulnerabilities or to divert suspicions that they were exploiting the flaw. China has been known to conduct formidable military cyber operations, including the use of numerous researchers working on software for zero-day flaws.
According to security firms Cloudflare and Cisco Talos, the first attacks exploiting the hole began on December 1 and December 2.
Apache has released a software patch for Log4Shell that is said to mitigate the flaw. However, until all versions of the software are patched, systems using the software will remain vulnerable to cyberattacks.
“Given the severity of the vulnerability and the possibility of an increase in exploitation by sophisticated cyber threat actors, CISA urges vendors and users to apply patches,” the agency said in a statement.
A spokesperson for Amazon Web Services described the vulnerability as “serious”.
Cyber news outlet The Record reported that most of the cyberattacks exploiting Log4Shell involved professional crypto mining and denial-of-service botnets such as Mirai, Muhstik, and Kinsing. These hackers are normally among the first to exploit software bugs once discovered.
State-sponsored hackers and cyberespionage groups have yet to be observed, the report said. But Microsoft noted in a recent blog post that its cyber detectives are starting to see tactics aimed at planting backdoors in software targeted by government-run hackers.
The most recent similarly widespread software bug was a 2014 vulnerability called Heartbleed, which affected OpenSSL security software.
Security analysts said the incident did not raise more security awareness to protect against hackers.
– Staff writer Ryan Lovelace contributed to this report.