HCL SW Blogs
Select Page

News of the Apache Log4j vulnerability exploit came on December 9th, and is striking fear into the software world, for both vendors and users. Log4j is the most popular java logging service with over 400,000 Github downloads; Log4j has been embedded in hundreds of Internet services and products from companies all over the world, including Apple, Amazon, Cloudflare, Steam, Tesla, Twitter, and many more.

in progress attack attempts

Exploiting this vulnerability is simple and allows threat actors to bypass authentication, control java-based web servers via numerous device types (see diagram to the right) and launch remote code execution attacks. New variations of the original exploit are already being introduced – over 60 in less than 24 hours. The attack surface grows by the minute. Good credential management and advanced authentication won’t help as this exploit is pre-authentication, which means an attacker doesn’t need to authenticate to your web applications in order to attack.

 

IT Operations is on the front lines to protect every enterprise from Log4j

Step one: FIND Log4j wherever it exists

Investigate every internet-facing application, website, and system that you own or use. This includes self-hosted installs of vendor products and cloud-based services. Focus on internet-facing systems that contain sensitive data. Once you’ve completed assessing your hosted apps and vendor systems, move on to endpoint applications including Java-based apps like WebEx, Minecraft, and Citrix.

By noon CST on Friday, December 10th, BigFix had provided customers with specialized tools to help find log4j wherever it existed in their environment, including file systems, across nearly 100 operating system variants. Full visibility is step one to provide complete protection against Log4j based threats.

bigfixes 24 hour response

         BigFix’s 24-hour response

 

Step two: Patch, patch, patch. Patch in the same order in Step one. If no patch or workaround is yet available, uninstall.

BigFix automates discovery, management, and remediation of all endpoints whether on-premises, mobile, virtual, or in the cloud – regardless of the operating system, location, or connectivity.

The pandemic has forced many endpoints into home environments which creates makes it more difficult to keep your endpoints patched and compliant. Operations teams cannot rely on employees working from home to patch their own systems, even with clear instructions. Many of them will also ignore your requests so you need to adopt systems that enforce continuous compliance, like BigFix.

IT Operations is essential to beating this. BigFix is the essential tool for IT Operations

We believe this vulnerability is not going to go away any time soon. We’re just starting to get a glimpse of how this is being exploited. New ransomware attacks have already been launched using this vulnerability. Buckle up IT Operations teams, it’s going to be a while before this vulnerability is fully remediated.

How can BigFix help?

BigFix automates discovery, management, and remediation of all endpoints whether on-premises, mobile, virtual, or in the cloud – regardless of the operating system, location, or connectivity. BigFix Insights for Vulnerability Remediation integrates with leading vulnerability management solutions like Tenable to remediate vulnerabilities like Log4j faster than any other solution in the market.

For the latest information about Log4J, visit https://www.hcltechsw.com/bigfix/log4j.

For more information about BigFix, please visit www.bigfix.com.

 

Comment wrap
Further Reading
Continuous Business Benefit Realization with HCL BigFix
Automation | December 13, 2022
Continuous Business Benefit Realization With HCL BigFix
With all my discussions with clients and partners, IT organizations of all sizes are continually challenged to reduce costs and simplify operations.
Preview of BigFix CyberFOCUS Analytics 1.0
Automation | November 7, 2022
Preview of BigFix CyberFOCUS Analytics 1.0 
The BigFix CyberFOCUS Analytics solution is designed to impact big unresolved problems that are the intersection of SecOps, ITOps and the C-Suite.  
FOCUS on Business Management of Cyber Risk
Automation | November 7, 2022
The 100% Secure Computers: FOCUS on Business Management of Cyber Risk
BigFix's FOCUS concepts provide a guide about how your organization strategizes about how cybersecurity and empowers you to find and implement controls that balance the needs of business and security simultaneously.
Close
Filters result by
Sort:
|