As your trusted cyber security resource, ControlAltProtect is continually monitoring for security breaches that may impact you. We are committed to making you aware immediately when a serious threat emerges, so you can take the necessary steps to protect yourself.

Today, we are reporting a new critical “Zero Day” vulnerability tracked as CVE-2021-44228. This vulnerability affects the Java logging package “log4j” globally.

What Is CVE-2021-44228

Java logging touches many widely used applications in our current technological world. Chances are that you’re using many of these applications on a daily basis, both personally and in your business. The vulnerable Java package is being weaponized by hackers to execute malicious code. It is even enabling complete takeovers. This is likely the most critical vulnerability we’ve seen in 2021.

What Is The Impact

Millions of applications and manufacturers use log4j for logging and have been impacted by this event. This list continues to grow. At this time, the following have been impacted:

  • Apple
  • Twitter
  • Steam
  • Tesla
  • Apache applications (e.g. Apache Struts, Solr, and Druid)
  • Redis
  • ElasticSearch
  • Video games (e.g. Minecraft)

Take Action Now

This situation is critical. It’s vital that you heed this warning and follow directions as outlined below.

C-Suite/Business Owners/Small to Mid-Cap Businesses:

  • Your IT department or provider should contact ControlAltProtect immediately by calling 1-877-CYBER911 or emailing helpnow@controlaltprotect.com. ControlAltProtect will help ensure all related Java infrastructure is patched properly.
  • Updates or “Patches” are required to prevent cyber-attacks resulting from this vulnerability.
  • If you’re not a ControlAltProtect client, who is safeguarding and monitoring your data for hacking threats? If you’re relying on your IT company for security, please call or email us. This critical vulnerability, as well as many others, is putting you at risk.

IT Techs & Security Teams within the InfoSec Community:

ControlAltProtect is at the forefront of this issue and is working closely with our partners and credible information sources to keep you up to date on the latest developments.

  • As of 12/11/21 – 3pm CDT, exploit attempts led to commodity cryptominer payloads. ControlAltProtect expects further opportunistic abuse by a wide variety of attackers, including ransomware and nation-state actors.
  • Major services and applications are impacted globally by the vulnerability due to the prevalence of log4j use in many web apps.
  • Due to the ease and rate of exploitation attempts, ControlAltProtect recommends upgrading impacted services to the latest Java or killing the Java logging completely for now, as the situation and its impact continue to unfold.
  • We’re seeing a growing impact from this vulnerability on MSPs. Auvik has publicly stated that the vulnerable log4j library is in use within systems, ConnectWise has shared advisories and concerns for on-premises ConnectWise installations, and N-able has stated that their RMM and N-central are affected as well. (We anticipate more RMM products will be impacted.)
  • We’re investigating the scope and will post an update as soon as it’s defined.

At this time, please patch or kill all related infrastructure, and stand by for more directions. If you encounter a vendor or software provider who has not yet provided a “vaccination” or patch to kill this threat, we recommend you discontinue use until they do.

Our team has been investigating log4j since 12/09. We will provide updates as we learn more about this zero-day scenario and its growing potential threats.