Categories
technology

How bad is the Log4j vulnerability? Is Java highly vulnerable? what is Log4j Security Vulnerability in Minecraft? how to protect yourself?

Log4j zero-day flaw: What you need to know and how to protect yourself

Security Vulnerability in Minecraft: Java Edition

Log4j vulnerability likely impacts Minecraft, Apple iCloud, Twitter

The Log4j vulnerability is turning out to be a cybersecurity nightmare that likely impacts a wide range of products from Apple’s iCloud to Twitter to Microsoft’ Minecraft and a number of other enterprise products.

The Log4j vulnerability , first reported on Friday- is turning out to be a cybersecurity nightmare that likely impacts a wide range of products from Apple’s iCloud to Twitter to Microsoft’s Minecraft to Amazon and a number of other enterprise products.

The Log4j software flaw as reported by cybersecurity researchers could allow attackers to have uncontrolled access to computer systems, and even the US government’s cybersecurity agency has issued a warning on the same.

 

Security Vulnerability in Minecraft

applies to Minecraft: Java Edition.

minecraft vulnerability
minecraft vulnerability

We have identified a vulnerability in the form of an exploit within Log4j – a common Java logging library. This exploit affects many services – including Minecraft: Java Edition.
This vulnerability poses a potential risk of your computer being compromised, and while this
exploit has been addressed thanks to a recent patch to the game client, you still need to take the following steps to secure your game and your servers.

What you need to do:

Official Game Client

If you play Minecraft: Java Edition, but aren’t hosting your own server, you will need to take the following steps: Close all running instances of the game and the Minecraft Launcher. Start the Launcher again – the patched version will download automatically.

Modified Clients and Third-party Launchers

Modified clients and third-party launchers might not be automatically updated. In these cases, we recommend following the advice of your third-party provider. If the third-party provider has not patched the vulnerability, or has not stated it is safe to play, you should assume the
vulnerability is not fixed and you are at risk by playing.
Game Server

If you’re hosting your own Minecraft: Java Edition server, you’ll need to take different steps

depending on which version you’re using, in order to secure it.

 

Critical Apache Log4j2 Exploit Demonstrated in Minecraft

We explore a far-reaching, real-world exploit with damaging implications in this edition of SecurityWatch.

Last weekend was a bad time to be a server administrator. A critical vulnerability emerged in Apache Log4j2.

The big problem? Attackers have the chance to exploit the open-source Java package that all kinds of applications, from Twitter to iCloud, use to execute any code an attacker chooses.

What the Apache Log4j2 Exploit Means for You and Me

I spoke with cybersecurity researcher John Hammond from Huntress Labs about the exploit and the subsequent scramble to mitigate the damage.

Hammond recreated the exploit on a Minecraft server for his YouTube channel, and the results were explosive.

 

https://twitter.com/_JohnHammond/status/1469255402290401285

Log4j security flaw puts the entire internet at risk: What top tech companies are saying

The vulnerability was announced suddenly, as a “zero-day” vulnerability, taking the industry by surprise. Here’s how tech companies are responding to the security flaw that is potentially capable of putting the entire internet at risk.

Services of major tech companies are currently facing what experts are calling one of the most serious software flaws in recent times—Log4j vulnerability. The flaw in the Log4j software could allow hackers unfettered access to computer systems and has prompted an urgent warning by the US government’s cybersecurity agency.

The new vulnerability affects the widely used library Log4j which was created by Apache, the most widely used web server. The Log4j vulnerability allows remote code execution by simply typing a specific string into a textbox. It was first discovered by Minecraft players but soon it was realised that this vulnerability wasn’t just a Minecraft exploit, but works on every program using the Log4j library.

To understand how Log4j functions, check out our recent article where we dig more about the exploit and its workings. It should be noted that this bug doesn’t affect all versions of Log4j , and only affects the versions between 2.0 and 2.14.1.

Interestingly, the Log4j exploit is one of the worst vulnerabilities we have had in the last 10 years. Here’s how tech companies are responding to the security flaw that is potentially capable of putting the entire internet at risk.

Microsoft said Saturday that Log4j vulnerability, will not only affect machines that mine cryptocurrencies but can cause more serious problems such as credential and data theft.

Google Cloud in its security advisory notes that it is actively following the security vulnerability. “We are currently assessing the potential impact of the vulnerability for Google Cloud products and services. This is an ongoing event and we will continue to provide updates through our customer communications channels.”

VMWare Inc, which makes computer virtualisation software, said Thursday that several of its products were likely affected by the Java-based Log4j. The cloud computing company listed all of its products and versions that are affected by the vulnerability.

Cisco Talos observed attacker activity beginning December 2. The company notes that additional vectors could be used to trigger the vulnerability.

Amazon Web Services (AWS) said that it is aware of the recently disclosed security issue relating to the open-source Apache “Log4j2″ utility. “We are actively monitoring this issue, and are working on addressing it for any AWS services which either use Log4j2 or provide it to customers as part of their service,” an advisory pushed by Amazon read.

Apache Log4j Security Vulnerabilities: What we need to do?

What is Log4j security issue?

Log4j zero-day flaw: What you need to know and how to protect yourself

The Log4j vulnerability affects everything from the cloud to developer tools and security devices. Here’s what to look for, according to the latest information.

A flaw in Log4j, a Java library for logging error messages in applications, is the most high-profile security vulnerability on the internet right now and comes with a severity score of 10 out of 10.

The library is developed by the open-source Apache Software Foundation and is a key Java-logging framework. Since last week’s alert by CERT New Zealand that CVE-2021-44228, a remote code execution flaw in Log4j, was already being exploited in the wild, warnings have been issued by several national cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC). Internet infrastructure provider Cloudflare said Log4j exploits started on December 1.

What devices and applications are at risk?

Basically any device that’s exposed to the internet is at risk if it’s running Apache Log4J, versions 2.0 to 2.14.1. NCSC notes that Log4j version 2 (Log4j2), the affected version, is included in Apache Struts2, Solr, Druid, Flink, and Swift frameworks.

Mirai, a botnet that targets all manner of internet-connected (IoT) devices, has adopted an exploit for the flaw. Cisco and VMware have released patches for their affected products respectively.

AWS has detailed how the flaw impacts its services and said it is working on patching its services that use Log4j and has released mitigations for services like CloudFront.

Likewise, IBM said it is “actively responding” to the Log4j vulnerability across IBM’s own infrastructure and its products. IBM has confirmed Websphere 8.5 and 9.0 are vulnerable.

Oracle has issued a patch for the flaw, too.

“Due to the severity of this vulnerability and the publication of exploit code on various sites, Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible,” it said.

Necessary actions: Device discovery and patching

CISA’s main advice is to identify internet-facing devices running Log4j and upgrade them to version 2.15.0, or to apply the mitigations provided by vendors “immediately”. But it also recommends setting up alerts for probes or attacks on devices running Log4j.

“To be clear, this vulnerability poses a severe risk,” CISA director Jen Easterly said Sunday. “We will only minimize potential impacts through collaborative efforts between government and the private sector. We urge all organizations to join us in this essential effort and take action.”

Additional steps recommended by CISA include: enumerating any external facing devices with Log4j installed; ensuring the security operations center actions every alert with Log4j installed; and installing a web application firewall (WAF) with rules to focus on Log4j.

 

Where is Log4j used?

The Log4j 2 library is used in enterprise Java software and according to the UK’s NCSC is included in Apache frameworks such as Apache Struts2, Apache Solr, Apache Druid, Apache Flink, and Apache Swift.

Which applications are affected by the Log4j flaw?

Because Log4j is so widely used, the vulnerability may impact a very wide range of software and services from many major vendors. According to NCSC an application is vulnerable “if it consumes untrusted user input and passes this to a vulnerable version of the Log4j logging library.”

How widely is the Log4j flaw being exploited?

Security experts have warned that there are hundreds of thousands of attempts by hackers to find vulnerable devices; over 40 percent of corporate networks have been targeted according to one security company.

also read :