Within 12 hours, 40,000 attempts were made – a figure that climbed to 830,000 in the next three days by the time a patch was released to the public,” Guntrip adds. “The first attempt to exploit the vulnerability was detected nine minutes after it was publicised. That speed was critical, explains Mark Guntrip, senior director of cyber security strategy at Menlo Security. “Several factors accounted for this, the first being that many organisations reacted quickly to identify affected systems and apply the patches where appropriate.” “The attacks were not on the predicted scale,” says Brian Honan, CEO of BH Consulting. We’ve seen the flaws exploited in everything from nation-state campaigns to VMware Horizon servers being hijacked for crypto-mining and botnets. Meanwhile, threat actors were not slow to take advantage. It has since maintained a frequently updated guide to mitigations. The US Cyber security & Infrastructure Security Agency (CISA) quickly issued an alert and directed all federal agencies to mitigate the vulnerabilities in short order. The Log4Shell flaws are serious and easy to exploit. Soon after, security pundits began predicting that the Log4Shell flaw, as it was dubbed, was possibly the worst security nightmare of all time. On 9 December 2021 the world learned of a remote code execution vulnerability in Apache’s Log4J solution, a Java-based logging system. But was it all that bad? Steve Mansfield-Devine investigates. The Log4Shell bug seemed to present a huge existential threat. Back in December 2021, you would have been forgiven for thinking the end of the world was nigh.
0 kommentar(er)
