Daily Tech News, Interviews, Reviews and Updates

Windows devices with a unique ransomware family called Khonsari as well as a remote access Trojan dubbed Orcus

By exploiting the newly exposed severe Log4j vulnerability, Romanian cybersecurity technology company Bitdefender warned on Monday that attempts are being made to target

The attack takes use of the remote code execution issue to download an extra payload, a.NET binary, from a remote server, encrypting any files with the extension “.khonsari” and displaying a ransom message urging victims to pay a Bitcoin ransom to regain access to the files.

CVE-2021-44228 is the bug’s official name, although it’s often known as “Log4Shell” or “Logjam.” To put it another way, the issue might force an afflicted system to download malicious software, providing attackers a digital foothold on company systems.

The Apache Software Foundation maintains Log4j, which is an open-source Java library. The tool, which has over 475,000 downloads on GitHub and is widely used for application event logging, is also a part of other frameworks like Elasticsearch, Kafka, and Flink, which are utilised in many major websites and services.

The news comes as the United States’ Cybersecurity and Infrastructure Security Agency (CISA) issued an alert warning of active, widespread exploitation of the flaw, which, if left unaddressed, could grant unrestricted access and unleash a new wave of cyber attacks, as companies scramble to identify and patch vulnerable machines.

“An adversary can exploit this vulnerability by sending a specially crafted request to a vulnerable machine, causing that system to execute arbitrary code,” the NSA said in a statement released Monday. “The attacker can now take complete control of the system thanks to the request. The attacker can then steal data, start ransomware, or engage in other nefarious behaviour.”

In addition, CISA has added the Log4j vulnerability to its Known Exploited Vulnerabilities Catalog, giving government agencies until December 24 to implement remedies. Government agencies in Austria, Canada, New Zealand, and the United Kingdom have all issued similar warnings in the past.



Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More
You might also like

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More