Public and private organizations alike, including Microsoft and the U.S. Federal Trade Commission (FTC), are warning organizations about ongoing attacks exploiting Log4Shell. Since December 2021, state-sponsored and other attackers have been targeting the Log4j flaw.
A warning from Microsoft
According to Microsoft, organizations may not be fully aware of the Log4j flaws in their environments. In the past month, Microsoft released multiple updates and alerts to help its customers.
The tech firm has observed that many known attackers are creating exploits for Log4Shell (CVE-2021-44228 and CVE-2021-45046) and adding them to their malware kits and tactics, such as hands-on-keyboard attacks and coin miners.
Microsoft noted that exploitation attempts and testing remained high during the last weeks of December 2021.
Most of the observed attacks involve mass scanning, establishing remote shells, coin mining, and red-team activity.
Another warning from the FTC
Along with Microsoft, the FTC has warned that it plans to take action against any U.S. company that fails to protect its customers' information against the ongoing Log4j attacks. The obligation to take proper steps to fix any known software vulnerabilities stems from laws such as the Gramm-Leach-Bliley Act and the Federal Trade Commission Act.
Organizations should widen their scanning capabilities to stay protected and identify threats to their environments. They should use scripts and scanning tools to better assess potential risks. Moreover, the FTC warning advises companies to follow CISA's guidance on fixing the Log4j flaws.