
Cybereason Government Inc. Warns of Log4Shell Exploits over Holidays

Cybereason Offers Temporary Workaround to Neutralize Log4Shell Vulnerabilities and Guidance to Address Ransomware Risks Over the Holidays

Cybereason Government Inc. cautioned organizations to be vigilant over the Christmas and New Year’s holidays in the face of an anticipated surge in cyber attacks. The risk is exacerbated by active exploits targeting the recently disclosed Log4Shell vulnerabilities impacting the widely used Log4j logging software.

A recent report conducted by Cybereason, titled Organizations at Risk: Ransomware Attackers Don’t Take Holidays, revealed that 60% of respondents said it took longer to assess the scope of cyber attacks occurring over weekend and holiday periods. Cyber risk this holiday season is compounded by reports of a growing number of attacks exploiting Log4Shell vulnerabilities that impact nearly a third of all web servers and numerous software applications and services.


Cybereason researchers developed a freely available vaccine called Logout4Shell that leverages the Log4Shell exploit to neutralize the Log4j vulnerabilities. Cybereason also recently briefed officials from CISA and the FBI regarding the risk from ransomware attacks over the holiday period specifically, given that most organizations only maintain skeleton crews on weekends and holidays, which increases the likelihood an attack will be successful.

Cybereason recommendations for reducing cyber attack risks during holiday periods include:

    • Upgrading to the latest patched version of Log4j as soon as possible, or leveraging the Cybereason Logout4Shell vaccine to protect vulnerable servers while assessing the steps required to implement the patch.
    • Evaluating lock-down of critical accounts for the weekend/holiday when possible. In many cases, the highest-privilege accounts are rarely required to be in use during weekend or holiday breaks.
    • Ensuring clear isolation practices are in place to stop any further ingress on the network or spreading of malware or ransomware to other devices. Teams should be proficient at tasks such as disconnecting a host, locking down a compromised account, and blocking a malicious domain. Testing these procedures with scheduled or unscheduled drills at least every quarter is recommended to make sure all personnel and procedures work as expected.
    • Assuring key security team members can be reached at any time of day as critical response actions can be delayed during weekend/holiday periods. Having clear on-call duty assignments for off-hours security incidents is crucial here.

Cybereason is dedicated to teaming with defenders in both the public and private sectors to end cyber attacks from endpoints to the enterprise to everywhere. Learn more about the Cybereason Government advantage or schedule a demo today to learn how your organization can benefit from an operation-centric approach to security.
