{"id":44610,"date":"2021-12-22T18:02:00","date_gmt":"2021-12-22T18:02:00","guid":{"rendered":"http:\/\/ebff7186-2d44-40c4-96c1-cc58bbe5e12a"},"modified":"2021-12-22T18:02:00","modified_gmt":"2021-12-22T18:02:00","slug":"log4j-flaw-attackers-are-actively-scanning-networks-warns-new-cisa-guidance","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-attackers-are-actively-scanning-networks-warns-new-cisa-guidance\/","title":{"rendered":"Log4j flaw: Attackers are ‘actively scanning networks’ warns new CISA guidance"},"content":{"rendered":"

A new informational Log4J<\/a> advisory has been issued<\/a> by cybersecurity leaders from the US, Australia, Canada, New Zealand and the United Kingdom. The guide includes technical details, mitigations and resources to address known vulnerabilities in the Apache Log4j software library.<\/p>\n

\n

more Log4j<\/span> <\/h3>\n<\/p><\/div>\n

The project is a joint effort by the US’ Cybersecurity and Infrastructure Security Agency (CISA), FBI and NSA, as well as the Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), Computer Emergency Response Team New Zealand (CERT NZ), New Zealand National Cyber Secure Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK). <\/p>\n

The organizations said<\/a> they issued the advisory in response to “active, worldwide exploitation by numerous threat actors, including malicious cyber threat actors.” Numerous groups<\/a> from North Korea, Iran, Turkey and China have been seen exploiting the vulnerability alongside a slate of ransomware<\/a> groups<\/a> and cybercriminal organizations<\/a>. <\/p>\n

CISA Director Jen Easterly said Log4j vulnerabilities present a severe and ongoing threat to organizations and governments around the world<\/p>\n

“We implore all entities to take immediate action to implement the latest mitigation guidance to protect their networks,” Easterly said. “These vulnerabilities are the most severe that I’ve seen in my career, and it’s imperative that we work together to keep our networks safe.” <\/p>\n

Cybersecurity company Sonatype<\/a> has tracked the number of total Log4j downloads since the vulnerability was discovered on Dec. 10, also noting the number of vulnerable versions of Log4j being downloaded in the last hour. Even with the massive mobilization effort around the issue, 43% of the Log4j downloads in the last hour are of vulnerable versions. <\/p>\n

\"log4j-chart.png\"<\/span>