Tuesday, June 30, 2026

Defending Against Log4j Exploits with Cisco Secure Endpoint


The Apache Log4j vulnerability (CVE-2021-44228) is on the minds of nearly every cybersecurity and IT team right now because of its widespread usage, ease of exploitation, and broad attack surface. This blog provides an overview of how Cisco Secure Endpoint helps protect your environment from attackers exploiting this vulnerability.

What You Need to Know About Log4j

On Thursday, December 9, the Apache Software Foundation disclosed a security vulnerability in Apache Log4j, a Java-based logging library widely used by developers around the world. This library is also often used by commercial and open-source tools such as Apache Struts 2, Apache Solr, Apache Flink, Apache Druid, Apache Kafka, Elasticsearch, and more.

This vulnerability allows attackers to remotely execute malicious code on affected servers, enabling them to gain full control of those servers. Widely believed to be easy to exploit, this vulnerability has received the maximum CVSS severity score of 10.0 and a 93/100 score from Kenna Security, Cisco’s risk-based vulnerability management solution.

How Cisco Secure Endpoint Helps

Cisco Secure Endpoint rapidly identifies and protects against Log4j exploits in several ways. It blocks threats that try to exploit the Log4j vulnerability with multifaceted prevention techniques, including machine learning and behavioral protection. Additionally, robust detection and response capabilities reduce dwell time. Finally, rich threat intelligence from the Cisco Talos security research group ensures you have the latest protection from attackers.

In case any threats get through, advanced Endpoint Detection and Response (EDR) functionality such as SecureX Threat Hunting and Orbital Advanced Search quickly uncovers signs of Log4j exploitation attempts and post-exploitation activity such as lateral movement, suspicious command launch, and others. This includes two new Orbital queries that identify entities affected by the Log4j vulnerability on Windows and Linux devices (windows_log4j_monitoring and linux_log4j_monitoring). To learn how to use these queries to detect Log4j attacks, please see the video below.

In addition, with extended detection and response (XDR) capabilities from the built-in Cisco SecureX platform, you get a more complete view into the threat landscape for the Log4j exploit. This lets you automate response actions to isolate and quarantine compromised endpoints, reducing the time it takes to detect and remediate a threat that leverages the Log4j vulnerability. Finally, cloud Indicators of Compromise (IOCs) in Secure Endpoint have been updated to include new Log4j-related detections, and new ClamAV signatures are available to block attacks exploiting Log4j.

For more information on the Cisco response to Log4j, including how other Cisco Secure solutions can protect you from this vulnerability, please see the Cisco Talos Threat Advisory page and the Cisco Event Response page for Log4j. To learn more about Secure Endpoint, please visit our product page.

 

