Log4j 소프트웨어 버그가 '계상할 수 없는' 손상을 일으킬 수 있습니다. | Log4J 결함은 72시간 내에 84만 건 이상의 공격이 시작되면서 대유행으로 변함

newsroom 12/15 '21 posted 뉴스 IT

간단히 말해서 Log4Shell은 Java 웹 및 데스크톱 응용 프로그램에 로깅 기능을 추가하는 Java 라이브러리인 Log4j의 취약성입니다.

• Log4j는 마인크래프트, 애플 아이클라우드, 클라우드플레어, 트위터를 포함한 수많은 클라우드 및 엔터프라이즈 앱에서 소프트웨어 활동을 추적하기 위해 사용되는 널리 사용되는 오픈 소스 로깅 유틸리티입니다.

화요일, 보안 연구원들은 해커들이 84만 건 이상의 사이버 공격에서 최근에 발견된 Log4J의 공격을 이용했다고 밝혔습니다. 악역들은 애플, 아마존, IBM, 마이크로소프트, 그리고 시스코와 같은 유명 기업들을 포함한 전 세계의 회사들을 목표로 삼았습니다.

Log4Shell attacks began two weeks ago, Cisco and Cloudflare say [therecord.media]

CISA to brief critical infrastructure companies about urgent new Log4j vulnerability [www.cyberscoop.com]

Where the Latest Log4Shell Attacks Are Coming From [threatpost.com]

Yahoo [techcrunch.com]

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw [securityaffairs.co]

Almost half of networks probed for Log4Shell weaknesses [www.computerweekly.com]

Researchers trigger new exploit by renaming an iPhone and a Tesla [www.theverge.com]

The Numbers Behind Log4j CVE-2021-44228 [blog.checkpoint.com]

Log4j software bug could cause 'incalculable' damage: What you need to know [www.cnet.com]

Log4J flaw turns into pandemic with over 840,000 attacks initiated within 72 hours [www.techspot.com]

Yahoo [www.yahoo.com]

What the Log4Shell Bug Means for SMBs: Experts Weigh In [threatpost.com]

Second Log4j vulnerability discovered, patch already released [www.zdnet.com]

What is the Log4Shell vulnerability? [www.itpro.co.uk]

Critical Apache Log4j2 Exploit Demonstrated in Minecraft [www.pcmag.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

12/15 '21 answered

More logging means it's easier than ever to execute the discovery course of action to identify earlier exploitation. I expect to see more evidence of pre-disclosure exploitation in the future. https://t.co/mxubEeckEF
— Jake Williams (@MalwareJake) December 13, 2021

The #Kinsing and #Muhstik cryptomining botnets are some of the first to exploit any new RCE vulnerability: this time it’s Log4j & Log4Shell. Those two names have cropped up for several major RCEs this year, they’ve actually become one way to tell how bad a new RCE is.
— Will | Bushido (@BushidoToken) December 11, 2021

Earliest evidence we’ve found so far of #Log4J exploit is 2021-12-01 04:36:50 UTC. That suggests it was in the wild at least 9 days before publicly disclosed. However, don’t see evidence of mass exploitation until after public disclosure.
— Matthew Prince ? (@eastdakota) December 11, 2021

Log4Shell attacks began two weeks ago, Cisco and Cloudflare say

-4 major botnets spotted abusing Log4Shell right now (per Netlab)
-more than 10k hosts scanning for it (per Kryptos Logic)
-DDoS, crypto-miners, and CS beacons as payloads for nowhttps://t.co/oIm2wzNLHv pic.twitter.com/E9B42fKQY7
— Catalin Cimpanu (@campuscodi) December 13, 2021

Attacks exploiting the Log4Shell vulnerability started two weeks ago, according to two tech companies https://t.co/eu6UNAPnxB
— The Record by Recorded Future (@TheRecord_Media) December 13, 2021

Log4Shell attacks began two weeks ago, Cisco and Cloudflare say https://t.co/IxDwPK5Lea
— Ken Westin (@kwestin) December 13, 2021

CISA to brief critical infrastructure companies about urgent new Log4j vulnerability https://t.co/ncQ6Ijvfxm
— The Cyber Security Hub™ (@TheCyberSecHub) December 13, 2021

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw https://t.co/hUutS4XbxH
— Nicolas Krassas (@Dinosn) December 13, 2021

Relatedly. I see reports that some sites are seeing as many 100 attempted hacks per minute, across more than 40% of corporate networks. https://t.co/zQPWuSTMPK
— Paul Kedrosky (@pkedrosky) December 14, 2021

한편 기업용 네트워크 거의 절반에 대해 Log4j 보안 취약점 탐지 시도가 있었다는 분석도… https://t.co/a7oV0zLz3b
— H. Kim (@metavital) December 14, 2021

Log4j 보안 결함이 공개된 후 72시간 동안 83만 건 이상의 공격 시도가 기록되는 등 전세계적으로 전방위적, 무작위 공격들이 이어지고 있다고… https://t.co/orzBhVWZe1
— H. Kim (@metavital) December 14, 2021

Approximately one year after the #SolarWinds Attack, the Apache #Log4j vulnerability has taken the #cybersecurity world by storm. @_CPResearch_ has witnessed new variations of the original exploit being introduced rapidly, over 60 in less than 24 hrs: https://t.co/BLlFxIflOj pic.twitter.com/KMQrUAowZU
— Check Point Software (@CheckPointSW) December 13, 2021

Unlike other major #cyberattacks, #Log4j is basically embedded in every #Java-based product or #webservice. This gives attackers many alternatives to bypass newly introduced protections rendering the exploit difficult to remediate: https://t.co/BLlFxHXKWL pic.twitter.com/H1UUcQUuXE
— Check Point Software (@CheckPointSW) December 14, 2021

Apache Log4j vulnerability exploit growthhttps://t.co/ALzAA0Thn4 pic.twitter.com/AmE1ZiSSvi
— John Koetsier, CEO of $SMRT (@johnkoetsier) December 14, 2021

What the Log4Shell Bug Means for SMBs: Experts Weigh In: https://t.co/1GChnUaJZD
— The Cyber Security Hub™ (@TheCyberSecHub) December 14, 2021

Log4Shell(CVE 2021- 4422)に対応するLog4j 2.15.0での脆弱性修正は不完全で、JEDIルックアップパターンによるDoSが可能。CVE 2021-45046が新たに発行されてて、Log4j 2.16.0はそのFix版とのこと。なるほど。https://t.co/zKcfGZUYdl https://t.co/a3iNDxrFzm
— SAKON (@sakon310) December 15, 2021

https://t.co/kfAufuZzl0 The pain just continues huh...
— sarah (@winocm) December 14, 2021

Not as bad as the first as it's requires non default configuration. #log4j https://t.co/UNnPBV0PgJ pic.twitter.com/4u98fjaBPl
— Tom?\(^-^)/ (@TomLawrenceTech) December 14, 2021

We are not done yet. #log4j has been patched again as the previous fix was "incomplete in certain non-default configurations.". Upgrade to 2.16.0 instead of 2.15.0. Do the same for your vendor provided software. https://t.co/cA8lQ3C3QN
— Mohit Kalra (@mohitkalra) December 14, 2021

Second Log4j vulnerability found, Apache Log4j 2.16.0 released https://t.co/Mdvt4PGh4C by @jgreigj
— ZDNet (@ZDNet) December 14, 2021

参考情報のおまけ。https://t.co/D7S3sZQp4L
— 釜山公徳 (Masanori, KAMAYAMA) (@MasaKAMAYAMA) December 14, 2021

Thanks to @_JohnHammond for chatting with me about this for @PCMag!

Critical Apache Log4j2 Exploit Demonstrated in Minecraft https://t.co/zS9GlQTEp3 #PCMag
— Kim Key? (@KimNewsome) December 13, 2021

permanent link

Reply with curations

Related

Featured