A new cyber security vulnerability has emerged which has potentially wide-ranging impacts for the consumer electronics device, television and media industries.
The vulnerability impacts a Java-based logging application called log4j, which is an open source application used across a wide range of enterprise applications such as WebEx, FileZilla FTP.
Callum Wilson from DTG cybersecurity joint venture SafeShark, has been working on update patches as part of his role as a cyber security consultant for the banking industry and explains that this could have a major impact:
“The recent Apache log4j vulnerabilities have hit systems all over the world, ranging from banking back office systems to consumer devices in the home. The incident has shown us that modern software systems have deep dependencies on open source libraries where vulnerabilities continue to be detected, often many years after the software has been released. Within 24 hours of the log4j exploit being made public by Apache, criminals were using the exploit to distribute password stealers and crypto-coin miners, within 48 hours we detected the first ransomware exploits using log4j vulnerabilities to inject into systems. This incident has demonstrated how fast bugs have been weaponised and also how fast systems can be rendered unsafe.”
“The SafeShark Intercept system will "intercept" all outgoing network requests from devices under test which will allow us to detect the signature payload from compromised devices that have suffered from a log4j-style attack, supply chain attack, crypto-miners or any unexpected software running on the device under test. The Intercept stays attached to the device under test in our labs for a long period of time, reporting every hour of every day and indicating where there are potential security vulnerabilities.”
SafeShark’s continuous product monitoring is offered as part of the SafeShark cyber security testing and certification services.
These services are available now – contact Alex Buchan to book a Secure By Design review, or sign up for SafeShark alerts.
Further information on the vulnerability has been released by NCSC here.