When Log4j was disclosed, it was quickly hyped up with some even saying the internet was on fire. Did Log4j live up to that hype or cause as much damage as expected?Join us for a conversation to get a view into the overall impact of Log4j and what the research team at Imperva has seen and monitored since the disclosure of Log4j, including any noticeable trends/key findings in Imperva’s research.
The December 2021 log4j vulnerability was a major event in the cybersecurity world. When it was released and exposed to the internet, it caused an explosion in attacks with five and a half million attacks per day and up to 25,000 sites attacked per hour. The vulnerability affects any system running that version of Java lookup and could be at risk, even if it is only exposed internally to insiders. The attackers initially used scanning and checking to see which sites were vulnerable, and then it was automated. Attack tools were created to make it easier for attackers to reach as many targets as possible. Public awareness campaigns have been effective, but vulnerabilities can reappear due to the prevalence of the software. 72% of organizations still had some level of vulnerability to log4j as of October 2022.
As captured in this episode, remediation is not a one-and-done solution, as seen with Log4j, where organizations would fix the problem, and then it would come right back due to the prevalence of the software and how deep it went. The importance of API security is emphasized since 15% of the numbers were coming from APIs. The need to check and document new things added to the system is crucial to maintain proper documentation and be up on remediation. In short, software supply chain security is critical.
Note: This story contains promotional content. Learn more.
Guest: Gabi Stapel, Content Manager @ Imperva Threat Research [@Imperva]
On LinkedIn | https://www.linkedin.com/in/gabriella-stapel/
On Twitter | https://twitter.com/GabiStapel
Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
Blog: Log4j: One Year Later
Solution page: Stopping software supply chain attacks
Learning center: Supply Chain Attack
Learning center: Zero-day (0day) exploit
National Telecommunications and Information Administration: Software Bill of Materials
National Telecommunications and Information Administration: Vulnerability-Exploitability eXchange
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story