Patch the Log4Shell vulnerability now to avoid a data breach

Security researchers from Cybereason have published a ‘Vaccine’ that can be used as a mitigation for Log4Shell, the critical code execution vulnerability in Apache Log4j that is currently being exploited in the wild.

Apache Log4j is a Java-based logging platform used for analyzing web server access or application logs. It is mostly used in games like Minecraft, enterprise eCommerce platforms and other Java-based applications. However, Minecraft recently released a patch to fix the vulnerability.

Researchers released a proof-of-concept exploit for the Log4Shell vulnerability, which is tracked as CVE-2021-44228. Apache then quickly released a patch, Log4j 2.15.0, to fix the vulnerability while attacks were already happening in the wild. This Java vulnerability was troublesome for enterprises and popular websites, as it could seriously disrupt their normal operations.

Fixing the Log4Shell vulnerability

Researchers from Cybereason have published a script, which they call a ‘Vaccine’, that disables the vulnerability, even remotely. The vaccine works by exploiting the vulnerability on the vulnerable server itself. The Logout4Shell project walks you through setting up a Java-based LDAP server and includes a payload that disables the ‘trustURLcodebase’ setting to mitigate the vulnerability. However, the best option is to update Log4j to version 2.15.0.

While this looks good, threat actors could take over a device, patch it, and then prevent other hackers from compromising the server. The BrickerBot malware took vulnerable devices offline, and gray hats then used Internet-connected printers to mitigate the situation by taking those printers offline.

Here’s what Cybereason’s CTO has to say about the Logout4Shell project:

“While always a possibility, it’s an issue of a calculated risk. This vulnerability is so critical and already massively abused across the Internet, we felt compelled to offer something to help defenders across the globe buy precious time against these hackers.

From an impact perspective, it’s very similar to the Apache Struts vulnerability that was used to steal information from Equifax in May-July 2017.”

– Yonatan Striem-Amit, CTO and Co-founder, Cybereason.

You can try this project by visiting the project’s GitHub page.
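To act on the advice above to update Log4j to 2.15.0, you first need to know where log4j-core is deployed. The following is an added example, not code from the article or from Cybereason's project: a Python inventory script that finds log4j-core jars under a directory, including copies nested inside WAR, EAR and fat-JAR archives, and flags versions older than 2.15.0. The jar naming pattern and the JndiLookup class path are assumptions based on standard Log4j 2.x packaging, so renamed or shaded copies are not detected.

```python
import io
import re
import sys
import zipfile
from pathlib import Path

# Assumption: standard Log4j 2.x packaging (jar name and JndiLookup class path).
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
CORE_JAR = re.compile(r"log4j-core-(\d+(?:\.\d+)*)[^/\\]*\.jar$", re.IGNORECASE)
ARCHIVE = re.compile(r"\.(jar|war|ear)$", re.IGNORECASE)
FIXED = (2, 15, 0)  # the release the article names as the fix

def parse_version(text):
    """'2.14.1' -> (2, 14, 1); short versions are padded so '2.15' == 2.15.0."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def inspect(name, source, findings, fixed=FIXED):
    """Record a log4j-core jar at `name`, then descend into nested archives."""
    try:
        archive = zipfile.ZipFile(source)
    except (zipfile.BadZipFile, OSError):
        return  # corrupt or unreadable file: nothing to report
    with archive:
        entries = archive.namelist()
        match = CORE_JAR.search(name)
        if match:
            version = parse_version(match.group(1))
            findings.append({"location": name, "version": version,
                             "has_jndi_lookup": JNDI_CLASS in entries,
                             "needs_patch": version < fixed})
        for entry in entries:
            if ARCHIVE.search(entry):
                nested = io.BytesIO(archive.read(entry))
                inspect(f"{name}!/{entry}", nested, findings, fixed)

def scan(root, fixed=FIXED):
    """Return one finding per log4j-core jar found under `root`."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and ARCHIVE.search(path.name):
            inspect(str(path), str(path), findings, fixed)
    return findings

if __name__ == "__main__":
    for f in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        status = "NEEDS PATCH" if f["needs_patch"] else "ok"
        print(f"{status:12}{'.'.join(map(str, f['version'])):10}{f['location']}")
```

Run it with the directory to inventory as the only argument; nested copies are reported with a `!/` separator between the outer archive and the inner jar.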

William Marshal

William has been one of the key contributors to 'The Cybersecurity Times' with 9.5 years of experience in cybersecurity journalism. Apart from writing, he also likes hiking, skating and coding.
