Friday, December 17, 2021

Major Risk in Popular Log4j Software First Noticed in Minecraft


A gaping security vulnerability has been found, caused by a bug in the Log4j software. Log4j is very popular: it is used by millions of web servers. The vulnerability leaves those systems open to attack, and teams around the world are trying to patch systems that could be affected before malicious hackers can exploit them.

“The world of the internet is buzzing right now,” said Adam Meyers of cybersecurity firm Crowdstrike.

The problems with Log4j were first recognized in the video game Minecraft, but it was quickly realized that their impact was much broader. The software is used in millions of web applications, including Apple's iCloud. According to Crowdstrike records, attacks exploiting this bug, known as Log4Shell attacks, have already started "and have been happening since last December 9th."

The director of the US Cybersecurity and Infrastructure Security Agency, Jen Easterly, said the security hole poses a "severe risk" to the internet. "This vulnerability, which is being widely exploited by certain actors who are creating threats, represents a very urgent challenge for defenders of this already widespread internet network," said Easterly.

The following points explaining the ongoing threat are quoted from New Scientist, Monday, December 13, 2021:

What is Log4j?

Almost all types of software in use keep a record of every error and other important events, known as logs. Instead of creating their own logging system, many software developers use the open source Log4j, which makes it one of the most widely used logging packages in the world.

It is the popularity of the Log4j software that is now turning the heads of global cybersecurity experts. Its exposed security vulnerabilities affect millions of pieces of software running on millions of machines with which we all interact.

What opportunities does the open security gap give hackers?

Attackers can trick the Log4j software into running malicious code by forcing it to save a log entry that includes a string of text. The way hackers do this varies from program to program. In the case found in Minecraft, the route is the chat box. A log entry is created to archive each message, so if a string of malicious text is sent from one user to another, that text is embedded in the log.

In another case, Apple's servers were found to have created a log entry that recorded the names assigned to an iPhone by the user in the settings. From this log entry, attackers can run whatever code they want on the server, such as stealing or deleting sensitive data.

Why was this weakness only recently discovered?

The code that makes up open source software can be seen, run and even edited by anyone. This transparency can make the software more robust and secure, because there are many pairs of eyes developing it. However, no software can be guaranteed to be 100 percent safe.

The code that enables the Log4Shell attack has been around for a long time, but was only discovered last month by a cybersecurity researcher at Chinese computing firm Alibaba Cloud. The researcher immediately reported it to the Apache Software Foundation, a non-profit organization in America that oversees hundreds of open source projects including Log4j, to give it a chance to address the problem before it was made public.

So what is the current threat status?

Apache has given this vulnerability a 'very important' priority and has been rapidly developing a solution. Hundreds of thousands of IT teams are now updating Log4j to version 2.15.0. IT teams also still have to clean their code of potential vulnerabilities and keep an eye on attempted hacks.
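One way an IT team might find copies of Log4j older than the 2.15.0 release mentioned above (an added example, not from the original article or from Apache). It assumes the library ships under its usual `log4j-core-<version>.jar` file name; the function names `version_of`, `scan_archive` and `find_outdated` are illustrative.

```python
import io
import re
import sys
import zipfile
from pathlib import Path

FIXED = (2, 15, 0)  # the release the article says IT teams are updating to
# Assumption: the library keeps its usual file name, log4j-core-<version>.jar
JAR_RE = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/]*\.jar$")
ARCHIVES = (".jar", ".war", ".ear")

def version_of(name):
    """Return (major, minor, patch) if name is a log4j-core jar, else None."""
    m = JAR_RE.search(name)
    return tuple(int(g or 0) for g in m.groups()) if m else None

def scan_archive(data, label, depth=0):
    """Yield (location, version) for log4j-core jars bundled inside an archive."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return  # truncated or mislabelled file: nothing to inspect
    with zf:
        for entry in zf.namelist():
            where = f"{label}!{entry}"
            version = version_of(entry)
            if version:
                yield where, version
            elif entry.lower().endswith(ARCHIVES) and depth < 3:
                # e.g. an .ear holding a .war holding the jar
                yield from scan_archive(zf.read(entry), where, depth + 1)

def find_outdated(root):
    """Return sorted (location, 'x.y.z') pairs for copies older than FIXED."""
    hits = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or not path.name.lower().endswith(ARCHIVES):
            continue
        version = version_of(path.name)
        if version:
            found = [(str(path), version)]
        else:
            found = scan_archive(path.read_bytes(), str(path))
        hits += [(loc, ".".join(map(str, v))) for loc, v in found if v < FIXED]
    return sorted(hits)

if __name__ == "__main__":
    for location, ver in find_outdated(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{ver}\t{location}")
```

Matching on file names misses copies whose classes were repackaged into another jar under a different name, so an empty result is a starting point for the inventory rather than proof that nothing is outdated.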

It's worth noting that a security patch may be quick to arrive, but it usually takes time for everyone to apply it. Computer and network services are also now very complex, layered with levels of abstraction and code, which means it takes months to update all of their services.

And there are always those who don't want to do anything, as well as outdated hardware and unupdated code, which hackers can easily exploit.
