AI EXPRESS
  • AI
    The Potential for Artificial Intelligence in Healthcare

    The Potential for Artificial Intelligence in Healthcare

    AI and the Future of Work

    AI and the Future of Work

    Artificial Intelligence

    Humans Can’t Tell Between Real And AI-Generated Face

    The NHS hopes an AI chatbot will help tackle patient wait times

    The NHS hopes an AI chatbot will help tackle patient wait times

    OpenAI’s GPT-3 is a convincing philosopher

    OpenAI’s GPT-3 is a convincing philosopher

    Chess robot breaks child’s finger after premature move

    Chess robot breaks child’s finger after premature move

  • ML
    Promote feature discovery and reuse across your organization using Amazon SageMaker Feature Store and its feature-level metadata capability

    Promote feature discovery and reuse across your organization using Amazon SageMaker Feature Store and its feature-level metadata capability

    Optimal pricing for maximum profit using Amazon SageMaker

    Optimal pricing for maximum profit using Amazon SageMaker

    Amazon Comprehend announces lower annotation limits for custom entity recognition

    Amazon Comprehend announces lower annotation limits for custom entity recognition

    python __init__

    Python __init__: An Overview – Great Learning

    Scale YOLOv5 inference with Amazon SageMaker endpoints and AWS Lambda

    Scale YOLOv5 inference with Amazon SageMaker endpoints and AWS Lambda

    Simplify iterative machine learning model development by adding features to existing feature groups in Amazon SageMaker Feature Store

    Simplify iterative machine learning model development by adding features to existing feature groups in Amazon SageMaker Feature Store

    add python to path

    How to Add Python to Path

    Build and train ML models using a data mesh architecture on AWS: Part 2

    Build and train ML models using a data mesh architecture on AWS: Part 1

    Build and train ML models using a data mesh architecture on AWS: Part 2

    Build and train ML models using a data mesh architecture on AWS: Part 2

  • NLP
    Real-time Analytics News for Week Ending April 2

    Real-time Analytics News for Week Ending August 6

    You Need To Stop Doing This On Your AI Projects

    You Need To Stop Doing This On Your AI Projects

    Holographic exhibit of Jewish survivors, and more, comes to Aspen

    Holographic exhibit of Jewish survivors, and more, comes to Aspen

    Supply Chain: How AI can bring transparency and visibility to supply chains, improve security and traceability of products

    Supply Chain: How AI can bring transparency and visibility to supply chains, improve security and traceability of products

    Struggling with drug labels data? Why you should consider natural language processing

    Struggling with drug labels data? Why you should consider natural language processing

    Cynthia.io Emerges From Stealth with Pre-seed Funds

    Integrating L&D into the work flow

    Integrating L&D into the work flow

    Schwab Launches New Crypto Thematic ETF

    Schwab Launches New Crypto Thematic ETF

    CEOWORLD magazine

    As Supply Chain Woes Continue, CEOs Should Look to Advanced Technologies for Answers

  • Vision
    How to train and use a custom YOLOv7 model

    How to train and use a custom YOLOv7 model

    viso.ai Logo

    Deep Learning for Person Re-Identification (2022)

    NVIDIA Jetson AGX Orin 32GB Production Modules Now Available; Partner Ecosystem Appliances and Servers Arrive

    NVIDIA Jetson AGX Orin 32GB Production Modules Now Available; Partner Ecosystem Appliances and Servers Arrive

    viso.ai Logo

    Guide to Generative Adversarial Networks (GANs) in 2022

    viso.ai Logo

    14 Applications of Computer Vision in Construction (2022 Guide)

    Pattern Matching With Normalised Greyscale Correlation

    Pattern Matching With Normalised Greyscale Correlation

    Filters In Convolutional Neural Networks

    Filters In Convolutional Neural Networks

    Inside the Artificial Intelligence program that creates images from textual descriptions

    Inside the Artificial Intelligence program that creates images from textual descriptions

    Startup Ups Game for Cricket, Football and More With Vision AI

    Startup Ups Game for Cricket, Football and More With Vision AI

  • Robotics
    Amazon to acquire iRobot; Robotics at DHL with Sally Miller

    Amazon to acquire iRobot; Robotics at DHL with Sally Miller

    amazon

    Inside Amazon’s robotics ecosystem – The Robot Report

    Amazon buying iRobot for $1.7B

    Amazon buying iRobot for $1.7B

    forwardx mobile robot in a warehouse

    ForwardX officially launches AMRs in U.S.

    FedEx purchasing $200M of Berkshire Grey robots

    FedEx purchasing $200M of Berkshire Grey robots

    MIRA

    Virtual Incision’s MIRA to be sent to the ISS 2024

    RoboBusiness 2022

    Early bird registration for RoboBusiness ends Aug. 20

    a robot arm hold a refueling hose next to a military vehicle

    Stratom launches autonomous ground vehicle refueling solution

    Top 10 robotic stories of July 2022

    Top 10 robotic stories of July 2022

  • RPA
    How to Create a Rock Solid Technology Portfolio with Hyperautomation?| AutomationEdge

    How to Create a Rock Solid Technology Portfolio with Hyperautomation?| AutomationEdge

    Unlocking the Top Healthcare Automation Trends with Use Cases that Rule the World| AutomationEdge

    Unlocking the Top Healthcare Automation Trends with Use Cases that Rule the World| AutomationEdge

    Staying Ahead of the Time with AI-Powered Customer Experience

    Staying Ahead of the Time with AI-Powered Customer Experience| AutomationEdge

    Why is Developing Decision Intelligence with AI Support Crucial in Healthcare?

    Why is Developing Decision Intelligence with AI Support Crucial in Healthcare?

    Robotic Process Automation using Blue Prism

    Robotic Process Automation using Blue Prism

    AI- The Tech Medicine Ameliorating the Healthcare Industry?

    AI- The Tech Medicine Ameliorating the Healthcare Industry?| AutomationEdge

    Take employee experience into hyperdrive with Hyperautomation

    Hyperautomation- Your Answer to Enhance Employee Experience| AutomationEdge

    Know Why Automation Now Resides in the Heart of Customer Contact Centers| AutomationEdge

    Know Why Automation Now Resides in the Heart of Customer Contact Centers| AutomationEdge

    Conversational AI, Healing the Healthcare Industry| AutomationEdge

    Conversational AI, Healing the Healthcare Industry| AutomationEdge

  • Gaming
    Redfall is making a 30 minute-long appearance at QuakeCon

    Redfall is making a 30 minute-long appearance at QuakeCon

    Baldur's Gate: Dark Alliance 2 Review (Switch eShop)

    Baldur’s Gate: Dark Alliance 2 Review (Switch eShop)

    PlayStation is asking players about NFTs they like to collect at Evo

    PlayStation is asking players about NFTs they like to collect at Evo

    MultiVersus' hitbox and hurtbox system is getting a "big overhaul"

    MultiVersus’ hitbox and hurtbox system is getting a “big overhaul”

    Mario Kart 8 Deluxe datamine reveals list of potential tracks coming in future DLC

    Mario Kart 8 Deluxe datamine reveals list of potential tracks coming in future DLC

    Sega Rolling Out New Update For Sonic Origins, Here's What's Included

    Sega Rolling Out New Update For Sonic Origins, Here’s What’s Included

    Support for Nintendo Joy-Con controllers added to Steam

    Support for Nintendo Joy-Con controllers added to Steam

    Monster Hunter Rise: Sunbreak stream to provide news on Title Update 1 next week

    Monster Hunter Rise: Sunbreak stream to provide news on Title Update 1 next week

    This Lord of the Rings Unreal Engine 5 game trailer is outstanding

    This Lord of the Rings Unreal Engine 5 game trailer is outstanding

  • Investment
    Xpansiv Receives $400M Investment from Blackstone

    Xpansiv to Buy Evolution Markets

    DataMesh

    DataMesh Closes Funding Round

    ZSuite Technologies

    ZSuite Tech Raises $11M in Series A Funding

    Ghost Security

    Ghost Security Raises $15M in Funding

    KnowBe4 Ventures

    KnowBe4 Establishes KnowBe4 Ventures

    Sibel Health Raises $33M in Series B Funding

    Sibel Health Raises $33M in Series B Funding

    top tier capital partners

    Top Tier Capital Partners Closes Fund, at $925M

    lumu

    Lumu Raises USD8M in Funding

    GamGraPhic

    CamGraPhIC Raises Over £800K in Funding

  • More
    • Data analytics
    • Apps
    • No Code
    • Cloud
    • Quantum Computing
    • Security
    • AR & VR
    • Esports
    • IOT
    • Smart Home
    • Smart City
    • Crypto Currency
    • Blockchain
    • Reviews
    • Video
No Result
View All Result
AI EXPRESS
No Result
View All Result
Home Security

With Log4j vulnerability, the full impact has yet to come

seprameen by seprameen
December 23, 2021
in Security
0
Log4j vulnerabilities, malware strains multiply; major attack disclosed
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

Hear from CIOs, CTOs, and different C-level and senior execs on knowledge and AI methods on the Way forward for Work Summit this January 12, 2022. Study extra


There’s no technique to sugarcoat it: the widespread vulnerability in Apache Log4j will likely be exploited for some nastier cyberattacks than these we’ve seen to date. And the worst of them may very well be months — and even years — into the longer term.

Subtle attackers typically create a backdoor into an exploited server, enabling them to bypass safety instruments as they re-enter and exit. So even when a company has patched towards the vulnerability in Log4j, an attacker might be able to stay within the community, undetected, till the time is good to strike.

If that sounds scary — nicely, it in all probability ought to.

“In lots of circumstances, attackers breach an organization, acquire entry to networks and credentials, and leverage them to hold out large assaults months and years later,” mentioned Rob Gurzeev, cofounder and CEO of CyCognito.

New gamers

The vulnerability within the broadly used Log4j logging library was publicly revealed every week in the past, and an onslaught of greater than 1 million tried assaults have adopted, in accordance with Test Level. Researchers on the firm mentioned they’ve noticed tried exploits on greater than 44% of company networks worldwide.

A lot of the malicious assault quantity over the previous week has concerned “hobbyists” or solo operators, mentioned Casey Ellis, founder and chief know-how officer at Bugcrowd. However proof has emerged that extra subtle risk actors have begun to take advantage of the vulnerability in Log4j, as nicely. These embody attackers trying to get a foothold in networks as a way to promote that entry to ransomware operators.

Compared to the hobbyists, these attackers are extra like a multinational enterprise, Ellis mentioned. “Their enterprise mannequin is constructed on scale and reliability of intrusion,” he mentioned.

And crucially, “subtle attackers don’t need to get caught earlier than they’ve gotten their job accomplished, so they have a tendency to develop strategies and working practices that make them quieter, and more durable to see,” Ellis mentioned.

As soon as they’ve established a foothold, subtle attackers will typically take their time in surveying customers and safety protocols earlier than executing the total brunt of their assaults, mentioned Hank Schless, senior supervisor for safety options at Lookout.

This helps them strategize methods to most successfully keep away from current safety practices and instruments, Schless mentioned, “whereas concurrently figuring out what elements of the infrastructure could be simplest to encrypt for a ransomware assault.”

Different actions can embody exfiltrating knowledge slowly — so slowly that it usually received’t be blocked or detected, Gurzeev mentioned.

See also  Surprising cybersecurity weak points business owners should look out for

Evading detection

It’s not that hackers can’t be detected on this scenario, however additionally they repeatedly hone their techniques to evade detection makes an attempt, mentioned Asaf Karas, chief know-how officer for safety at JFrog. Over the previous week, “we’ve already seen the usage of obfuscation to keep away from detection,” Karas mentioned.

Within the case of the Sony breach of 2014, the New York Occasions reported that the attackers spent two months mapping the corporate’s methods and figuring out key information. (“They have been extremely cautious, and affected person,” an individual briefed on the investigation advised the Occasions, talking of the attackers.) Wired reported that the attackers could have been stealing knowledge over the course of a full 12 months.

The attackers within the SolarWinds Orion breach, in the meantime, are believed to have had entry for 9 months to “a number of the most subtle networks on the planet,” together with cybersecurity agency FireEye, Microsoft, and the U.S. Treasury Division, mentioned Peter Firstbrook, a analysis vice chairman and analyst at Gartner, on the agency’s latest safety convention.

For attackers, “if the motive is to steal delicate info, you would possibly need to simply be actually quiet and simply pay attention in and steal knowledge because it’s coming,” mentioned Sonali Shah, chief product officer at Invicti.

However after a breach involves gentle, it’s not all the time clear how the attackers even obtained in initially — particularly if a considerable amount of time has handed. And which will very nicely be the case with any main assaults that stem from the vulnerability in Log4j, Gurzeev mentioned.

“Since we’d solely be taught in regards to the assaults in months or years from now, it is perhaps powerful to correlate,” he mentioned.

‘Sky is the restrict’

Researchers have mentioned they do count on extra critical assaults to end result from the vulnerability in Log4j, generally known as Log4Shell. Many purposes and providers written in Java are probably susceptible to Log4Shell, which might allow distant execution of code by unauthenticated customers. Distributors together with Bitdefender and Microsoft have already reported tried ransomware assaults exploiting the vulnerability in Log4j.

Moreover, Microsoft and cyber agency Mandiant mentioned this week that they’ve noticed exercise from nation-state teams—tied to nations together with China and Iran—looking for to take advantage of the Log4j vulnerability. In a single occasion, an Iranian group generally known as Phosphorus, which has beforehand deployed ransomware, has been seen “buying and making modifications of the Log4j exploit,” Microsoft mentioned.

The chance of ransomware assaults deriving from Log4Shell is excessive, researchers have mentioned. However in the case of distant code execution, “the sky is the restrict on what an attacker can obtain as an finish end result as they pivot and execute instructions on different apps, methods, and networks,” mentioned Michael Isbitski, technical evangelist at Salt Safety.

See also  Okta on handling of Lapsus$ breach: 'We made a mistake'

As a result of widespread nature of the flaw, “the lengthy tail on this vulnerability goes to be fairly lengthy,” mentioned Andrew Morris, the founder and CEO at GreyNoise Intelligence. “It’s in all probability going to take some time for this to get utterly cleaned up. And I believe that it’s going to be a little bit bit earlier than we begin to perceive the size of affect from this.”

Response effort

The excellent news is that in some methods a minimum of, companies are in a greater place to keep away from a disaster now than previously. This being 2021, many companies are extra primed to reply rapidly — as evidenced by the speedy response of safety groups late final week, lots of which labored via the weekend to safe their methods.

In the meantime, key applied sciences for defenders trying to root out the attackers sitting of their networks can embody internet software firewall (WAF) and intrusion prevention system (IPS) applied sciences, Ellis mentioned.

“A motivated attacker will discover a bypass for them, however the noise generated by everybody else will likely be turned down within the course of, making their actions simpler to see,” he mentioned.

For bigger organizations, “the massive factor is to do the whole lot you possibly can to know the place Log4j is or is prone to be in your surroundings, then logging the whole lot and watching it — particularly internally — like a hawk, and deal with suspected assaults towards these methods as if they have been profitable,” Ellis mentioned.

For smaller organizations who would possibly lack the headcount to do that, “engaged on an ‘assume breach’ foundation and deploying honeypots and honeytokens is a low-noise, high-signal technique to detect post-exploitation exercise,” he mentioned. Honeypots are pretend “susceptible” servers meant to catch attackers within the act, whereas honeytokens provide an identical idea however for knowledge.

In the end, getting a deal with on all the property and methods that the group possesses is a crucial first step, Gurzeev mentioned.

“You’ll be able to’t shield what you don’t know,” he mentioned. “However as soon as you already know, you possibly can set compensating controls, shut the gaps, and take different steps to reduce buyer threat and enterprise threat — which ought to be everybody’s prime precedence.”

Source link

Tags: fullImpactLog4jvulnerability
Previous Post

Elon Musk Officially Released Tesla's Upgraded Bot!

Next Post

Shiba Inu ($SHIB) surges 10% amid 4 trillion accumulation from Ether (ETH) whales

seprameen

seprameen

Next Post
Shiba Inu announced via its official Twitter page that the holders of the meme coin are now over a million

Shiba Inu ($SHIB) surges 10% amid 4 trillion accumulation from Ether (ETH) whales

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Newsletter

Popular Stories

  • You Should Install The New Zero Day Patch For Google Chrome ASAP

    Update To Chrome 103 Or Later Now To Avoid A Big Zero Day Exploit Risk

    0 shares
    Share 0 Tweet 0
  • Don’t overengineer your cloud architecture

    0 shares
    Share 0 Tweet 0
  • LG TV Owners Can Get 90 Days Of Stadia Pro For Free

    0 shares
    Share 0 Tweet 0
  • New protonic programmable resistors improve AI speed and efficiency

    0 shares
    Share 0 Tweet 0
  • How To Set Up PS5 Remote Play On The Steam Deck

    0 shares
    Share 0 Tweet 0

Security Jobs

View 115 Security Jobs at Tesla

View 165 Security Jobs at Nvidia

View 105 Security Jobs at Google

View 135 Security Jobs at Amamzon

View 131 Security Jobs at IBM

View 95 Security Jobs at Microsoft

View 205 Security Jobs at Meta

View 192 Security Jobs at Intel

Accounting and Finance Hub

Raised Seed, Series A, B, C Funding Round

Get a Free Insurance Quote

Try Our Accounting Service

AI EXPRESS

AI EXPRESS is a news site that covers the latest developments in Artificial Intelligence, Data Analytics, ML & DL, Algorithms, RPA, NLP, Robotics, Smart Homes & Cities, Cloud & Quantum Computing, AR & VR and Blockchains

Categories

  • AI
  • Ai videos
  • Apps
  • AR & VR
  • Blockchain
  • Cloud
  • Computer Vision
  • Crypto Currency
  • Data analytics
  • Esports
  • Gaming
  • Gaming Videos
  • Investment
  • IOT
  • Iot Videos
  • Low Code No Code
  • Machine Learning
  • NLP
  • Quantum Computing
  • Robotics
  • Robotics Videos
  • RPA
  • Security
  • Smart City
  • Smart Home

Quick Links

  • Reviews
  • Deals
  • Best
  • AI Jobs
  • AI Events
  • AI Directory
  • Industries

© 2021 Aiexpress.io - All rights reserved.

  • Contact
  • Privacy Policy
  • Terms & Conditions

No Result
View All Result
  • AI
  • ML
  • NLP
  • Vision
  • Robotics
  • RPA
  • Gaming
  • Investment
  • More
    • Data analytics
    • Apps
    • No Code
    • Cloud
    • Quantum Computing
    • Security
    • AR & VR
    • Esports
    • IOT
    • Smart Home
    • Smart City
    • Crypto Currency
    • Blockchain
    • Reviews
    • Video

© 2021 Aiexpress.io - All rights reserved.