The Latest with Log4J

Cloud Security News

22-12-2021 • 3 mins

Cloud Security News this week 22 December 2021

  • Most folks in cybersecurity have been consumed with all things Log4shell with a CVSS score of 10, since last week. Check out last week’s episode or our special feature on Log4shell on YouTube by Ashish Rajan if you want to know a bit more about how it started and what its all about So, where have things landed with it all so far.
  • To remedy the Log4Shell vulnerability, Apache has issues several patches however with each patch, additional issues were reported. The latest patch is the third installment 2.17.0 to address a new vulnerability that allow for denial of service attacks. While apache and other organisations rush to remedy and patch these vulnerabilities, an explosion of attacks continue.  Belgium’s defence ministry revealed that it had been forced to shut down parts of its network after a hacker group exploited log4j to gain entry to its systems. Security firm Check Point has been monitoring the situation and, at one point, reported seeing more than 100 Log4J attacks per minute.The hackers are scattered globally. Checkpoint further reported that more than half of the exploits come from well-known hacking groups using it to deploy common malware like Tsunami and Mirai. Sentinel one has reported that “Observed exploit attempts in the wild thus far have led to commodity cryptominer payloads or other known and commodity post-exploitation methods. They expect further opportunistic abuse by a wide variety of attackers, including ransomware and nation-state actors.”
  • The latest apache update is available here. The SentinelOne blog is available here and Checkpoint blog is available here,
  • Whilst we are scrambling to stay on top log4Shell, a few exciting things have occurred in the world of Cloud Security as well, Ermetic announced a $70 million series B funding round. Their platform secures cloud infrastructure by focusing on identity security and reducing the attack surface across a multi-cloud deployment. The platform is expanding its support for Kubernetes container orchestration which they refer to  like the fourth cloud. Learn more about Ermetic here.
  • And in other news Container and cloud security unicorn Sysdig   scored $350 million in a Series G funding. This raises their total funding to $744 million and pushes valuation to $2.5 billion. Sysdig offers security and performance monitoring services tailored toward cloud-native applications and are looking to utilise the latest funding to accelerate the expansion of these services into new markets, increase its headcount and customer base, and invest in research and development. Learn more about Sysdig here

Podcast Twitter - Cloud Security Podcast (@CloudSecPod)

Instagram - Cloud Security News

If you want to watch videos of this LIVE STREAMED episode and past episodes, check out:

- Cloud Security Podcast:

- Cloud Security Academy:

You Might Like

The Morning Brief
The Morning Brief
The Economic Times
ANI Podcast with Smita Prakash
ANI Podcast with Smita Prakash
Asian News International (ANI)
ThePrint
ThePrint
ThePrint
3 Things
3 Things
Express Audio
In Focus by The Hindu
In Focus by The Hindu
The Hindu
FT News Briefing
FT News Briefing
Financial Times
Top of the Morning
Top of the Morning
Mint - HT Smartcast
Economist Podcasts
Economist Podcasts
The Economist
Daybreak
Daybreak
The Ken
HT Daily News Wrap
HT Daily News Wrap
Hindustan Times - HT Smartcast
The Seen and the Unseen - hosted by Amit Varma
The Seen and the Unseen - hosted by Amit Varma
Amit Varma
The Intelligence from The Economist
The Intelligence from The Economist
The Economist
The Journal.
The Journal.
The Wall Street Journal & Gimlet
The Daily
The Daily
The New York Times
Global News Podcast
Global News Podcast
BBC World Service
The Cārvāka Podcast
The Cārvāka Podcast
Kushal Mehra
Serial
Serial
Serial Productions & The New York Times
The Signal Daily
The Signal Daily
The Core Team
WSJ What’s News
WSJ What’s News
The Wall Street Journal
Out Of Focus - MediaOne
Out Of Focus - MediaOne
Mediaone