The Log4j vulnerability impacts open-source Java code that is estimated to be used on billions of devices globally. It was reported on November 24, 2021, and its initial public exploit was published on Github on December 9th.
The vulnerability enables remote code execution on devices running the software, so, of course, the cybersecurity community is greatly concerned about the impact this issue could have on countless systems.
Although it’s not possible for any single security product to protect organizations 100% from an exploit with this kind of massive attack surface, many of our dozens of threat feeds are already tracking IPs hosting bulk scanning operations searching for the vulnerability, and those IPs will be blocked by Dark Cubed’s platform as they are detected attempting to connect to our customers’ networks.
Bad actors attempting to exploit Log4j will undoubtedly grow exponentially in the coming days and weeks, as will the IPs associated with those attacks. Dark Cubed’s platform is designed to rapidly - and automatically - update the block-lists of the firewalls of our clients as these IOCs (indicators of compromise) are discovered in the wild, and when they’re detected attempting to connect to our client’s networks. Most importantly, nothing is required of Dark Cubed users to gain this level of protection against Log4j exploits.
To learn more, or if you have any questions about how Dark Cubed can help your MSP clients protect themselves against this and other vulnerabilities, contact us at your convenience.