
Cyber News Rundown: Global reverberations from new Apache Log4j vulnerability

  • 17 December 2021

Webroot and BrightCloud products and services are unaffected by the Log4j vulnerability. For more information on all OpenText products, please see this advisory:

https://www.opentext.com/support/log4j-remote-code-execution-advisory

Companies released lists of products affected by a newly discovered vulnerability in the Apache Log4j library, which has already been identified on billions of systems around the globe. In other cyber security news, Volvo suffered a security incident affecting their computer systems that may have also caused a breach of sensitive company information.

Hundreds of financial institutions hit by Anubis malware

The Anubis Android malware that has plagued the Google Play store for several years has resurfaced to again target financial apps for their login credentials. While it is still unclear which group is operating this recent Anubis campaign, many different groups have used it in the past. It is believed that this latest campaign is still in its early stages and is being lightly distributed as a testing phase to ready it for a full release.

Superior Plus gas supplier suffers ransomware attack

A global supplier of natural gas named Superior Plus discovered unauthorized access to their internal systems and took many of them offline to avoid additional damage. It remains unclear who orchestrated the attack. Currently, officials are working with industry experts to determine the damage and ascertain if any sensitive information was compromised. This Superior Plus attack fits the pattern of attacks that focus on critical infrastructure, as these organizations tend to run older, unpatched systems that lack updated security.

Hackers infiltrate Volvo’s systems

Volvo suffered a security incident that affected their computer systems and may have resulted in the theft of sensitive company information. While officials haven’t released much more information on the attack itself, they say that there are no signs that any customer information was compromised during the unauthorized access of a file repository. It remains unclear which of Volvo’s global locations have been impacted.

Log4j vulnerability has global consequences

On Thursday of last week, researchers began noticing a major vulnerability in the Apache Log4j library that has been exploited by a variety of ransomware groups and other cybercriminals. This vulnerability in the logging service has been identified on millions of systems around the world. It allows attackers to perform remote code execution within a variety of applications without authentication. Dozens of companies have since released lists of their products that are affected by this vulnerability. They’ve also informed users if they have any workarounds or have pushed out patches that resolve the issue.

Over 750,000 patients exposed in Oregon medical group breach

Following a July ransomware attack, the Oregon Anesthesiology Group (OAG) suffered a data breach that could affect close to 750,000 former and current patients and employees. Officials for OAG only learned of the data breach in October, when the FBI contacted them regarding sensitive OAG data found on seized files from the HelloKitty ransomware group. The medical group have since updated their systems to resolve the vulnerabilities that were exploited during the initial July attack and have begun contacting the affected patients.


36 replies

Userlevel 7
Badge +63

Glad to see that none of OpenText products are affected.

Userlevel 6
Badge +6

Apache Log4j is very far reaching. Reading this article makes it clear just how many systems can and have been impacted.

Don’t let the bad guys have a happy Christmas. Stay safe and patch!

Userlevel 7
Badge +25

As always, thank you for this depressing news. :-)

Userlevel 4

Used an RMM tool for scanning every system. Now it's time for a quit vacation.

Userlevel 6
Badge +1

Very interesting news.

Userlevel 4
Badge +1

Busy time working through various systems to see what's affected. Thankfully it’s not too bad but still making sure customers know we are working on the fix.

Merry Xmas!

Userlevel 4
Badge +1

Thanks for providing a comprehensive and very informative summary of the global impact.  It’s reassuring that Webroot products are not impacted by sloppy practices.

Userlevel 7
Badge +8

Great Article but very worrying times.

Userlevel 5
Badge +5

Vulnerabilities, breaches, ransomware. The news stays the same but those involved change by the week. Thankfully, Webroot is not one of them.

Userlevel 6
Badge +1

This vulnerability has surely woken up some of our customers.

Userlevel 5
Badge +1

Great write-up, definitely a vulnerability that is not kind.

Be sure to mitigate the issue by updating your Log4j:

https://logging.apache.org/log4j/2.x/security.html

Userlevel 4

Thanks for spreading knowledge.

Bottom line is to become security centric, train and implement all security layers

Userlevel 1

Very interesting read. It doesn't matter how big or small you are, you need to keep on top of your security.

Userlevel 5
Badge +4

Is Blackpoint Cyber also included on the mitigation / no risk list? I did not see it in the threat matrix. While not an OpenText product, because of their integration into the Webroot line their vulnerability status should be noted and reported.

Userlevel 3

Been a rough time for Software Devs!

Userlevel 7
Badge +54

I have been following this closely in the Security News forum and it is very far reaching but it is good to see that Webroot products are not affected by it.

Userlevel 5

Having timely information is essential. Thanks, keep it up 

Userlevel 1

This has ruined one of our engineers' Christmas, who has now had to cancel his leave to get this sorted for multiple systems of our biggest customer.

How Broadcom can be so blasé about this is unreal.

Userlevel 1
Badge +1

This is a nightmare security wise, but I’m glad to hear that Webroot applications are not affected.

Userlevel 2
Badge +4

Kudos to the log4j development team for giving up their personal time to fix something that wasn’t actually broken.  Hope they recover soon.

Also would be nice to see corps start to kick a few bucks towards those OSS projects they take advantage of.

Userlevel 4

Thanks for all the info. We must always remember to patch up our software.

Userlevel 4

I am thankful that your products are not affected!  Appreciate you keeping us well informed.

Userlevel 3

It’s amazing how many products are using Apache Log4j, and we’ve had to work for our customers to ensure anything they are using with this vulnerability is fixed asap.

Userlevel 3

It’s nice to know that with all these vulnerabilities, I can keep my endpoints protected with my Webroot subscription.
