Java Zero-Day Exploit in log4j may affect your infrastructure

DATELINE: Monday, December 13, 2021

UPDATE: Monday, January 10, 2022 - The Log4j Zero-Day Vulnerability Response page at the Center for Internet Security has updated fixes.

An alert went out to SOISA members regarding a zero-day exploit that has affected Cisco appliances, software, and network management tools as well as hundreds of other applications and thousands of servers.
Apple, Microsoft, and many services, games, and network monitoring systems are affected, with more to be discovered over the coming days and weeks, no doubt.

If you have a cybersecurity service, then they already know about this. You might want to ask if they can run deep scans through your internal network systems both to check for the vulnerability and to check for evidence of compromise and post-exploitation activity on your network. If you don't have a cybersecurity service for your company, you will want to ask your cyber/IT staff or contractors to quickly check your systems (see resources below) and take appropriate measures to mitigate and remediate.

This is a big zero-day. For example, it can be used to take complete control of a Minecraft server and the computers of all the players on it with a single chat message. As many IT staff and cloud services run Minecraft servers on spare machines, at home, or on developer boxes, this is just one example of how this vulnerability can be used to quickly penetrate home and corporate networks through a "side door". The Cisco systems vulnerabilities have even more devastating potential. Fortunately, the infosec community and IT professionals are acting quickly to provide free scanning tools, security system rules, and more to help.

Cisco Systems Vulnerability Advisory
A fully automated, accurate, and extensive scanner to find log4j-vulnerable systems
Rules and Methods of Post-Exploitation Network Activity Detection by NCC Group

UPDATE: The CISA page on log4j vulnerability guidance is recommended for the latest information and mitigations.

We give our thanks and kudos to the professionals and groups that have provided such quick response, generosity, and dedication to the cause!