Tag Archive for: scramble

Computer security experts scramble to fix ‘vulnerability of the decade’


WASHINGTON — Criminals, cyber spies, and hackers around the world are launching thousands of attempts every hour to exploit a flaw in a widely used logging software as cybersecurity experts are scrambling to close the loophole and prevent catastrophic attacks.

In early December, a security researcher at Chinese online retailer Alibaba discovered and reported the software flaw in a widely used tool called log4j. The open-source tool is a Java-based library developed by Apache that software developers use to track activity within an application.

Every time anyone on the internet connects to a site, a cloud-service provider, or others, the company managing the site or the service captures data about the activity and stores it in a log. Hackers are now attempting to break into such logs and launch attacks.

“We have kind of what I call a threefold problem here,” said Steve Povolny, principal engineer and head of advanced threat research at McAfee Enterprise. “The simplicity of the attack, the ubiquity of vulnerable installed base, and the wide availability of exploit code really combine to make this … maybe the vulnerability of the decade.”

Although Apache has offered a patch to fix the flaw, companies and government agencies use many versions of the log4j tool and are trying to figure out which fix works with what version, Povolny said. But as of late last week, security researchers have identified that a fix known as version 2.16 “effectively solves the problem,” he said.

Nevertheless, as companies and government agencies around the world attempt to fix the problem there’s “no question that this has been and is going to continue to be further weaponized,” Povolny said.

The widespread vulnerability marks a bookend to a year notable for significant cyber and ransomware attacks. At the start of 2021 the world began to grapple with the consequences of a sophisticated Russian attack on SolarWinds, a software management company, which was discovered in December 2019. The attack exposed dozens of U.S. agencies and thousands of companies to potential exploitation by Russian intelligence services.

In the months since, ransomware attacks crippled pipeline operator Colonial Pipeline and…


Security experts scramble to fix ‘worst possible’ computer bug, known as Log4Shell, on MILLIONS of servers


Security experts around the world are racing to patch one of the worst computer vulnerabilities discovered in years, a critical flaw in open-source code widely used across industry and government in cloud services and enterprise software.

“I’d be hard-pressed to think of a company that’s not at risk,” said Joe Sullivan, chief security officer for Cloudflare, whose online infrastructure protects websites from malicious actors.


Untold millions of servers have it installed, and experts said the fallout would not be known for several days.

New Zealand’s computer emergency response team was among the first to report that the flaw in a Java-language utility for Apache servers used to log user activity was being “actively exploited in the wild” just hours after it was publicly reported on Thursday and a patch released.

The vulnerability, dubbed ‘Log4Shell,’ was rated 10 on a scale of one to 10, the worst possible.

Anyone with the exploit can get full access to an unpatched machine.


“The internet’s on fire right now,” said Adam Meyers, senior vice president of intelligence at the cybersecurity firm Crowdstrike.

“People are scrambling to patch and there are script kiddies and all kinds of people scrambling to exploit it.

“In the last 12 hours it has been fully weaponised.”


The vulnerability in the Apache Software Foundation module was discovered on November 24 by the Chinese tech giant Alibaba, the foundation said.

Meyers expected computer emergency response teams to have a busy weekend trying to identify all impacted machines.

The hunt is complicated by the fact that affected software can be in programs provided by third parties.

Log4Shell’s link to Microsoft

The flaw’s exploitation was apparently first discovered in Minecraft, an online game…


Scramble for evidence after attack in northwestern Myanmar | Military News


Thang Biak discovered his house in Myanmar’s northwestern Chin State had burned down from watching the television news in neighbouring India.

He had fled Thantlang, a hilltop town of roughly 8,000 people, with his three sons and other residents on September 14, crossing into Mizoram two weeks later.

“When we fled, we couldn’t bring anything. Now all of our property has been destroyed,” said Thang Biak, for whom Al Jazeera has used a pseudonym due to concerns of military reprisals. “When I learned that my house had burned, I was so depressed that I couldn’t sleep or eat,” he added.

His home was one of more than 160 houses and two church buildings in Thantlang that were burned down on October 29, as the military intensified its operations to root out the civilian armed groups that have emerged across the country since the coup on February 1.

Governments, rights organisations and civil society groups have condemned the military for the destruction in Thantlang and have demanded it be held accountable.

More than 500 organisations, including Human Rights Watch, signed a statement last week calling on the United Nations Security Council to act urgently to “end [the] Myanmar junta’s campaign of terror.”

The United States said the incident “lays bare the regime’s complete disregard for the lives and welfare of the people of Burma,” and said the attacks “underscore the urgent need for the international community to hold the Burmese military accountable”.

But as calls for military accountability grow, those collecting and sharing evidence of what happened in Thantlang face numerous risks and obstacles, including fear of arrest or retaliation and an ongoing internet shutdown. Local sources told Al Jazeera that they have also been unable to identify witnesses because Thantlang’s residents had fled earlier waves of violence in September, and the town has been occupied by soldiers.

“We journalists could not go to document ourselves … We could not get [sufficient] evidence and communication has been cut off,” said Salai Zing, who works for a Chin State-based media outlet and who requested Al Jazeera call him by his nickname.

Three churches were hit in the…


Pipeline hack sparks scramble for new delivery routes


By Cathy Bussewitz, Ben Finley and Tom Foreman, Jr. | Associated Press

CLEMMONS, N.C. — Drivers waited in long lines at gas stations in the Southeast on Wednesday after a hack of the nation’s largest fuel pipeline led to distribution problems and panic-buying, draining supplies at thousands of gas stations.

There is no gasoline shortage, according to government officials and energy analysts. But there is a problem getting the fuel from refineries on the Gulf Coast to the states that need it, and officials are scrambling to find alternate routes to deliver that fuel.

If the pipeline shutdown extends past the weekend, it could create broader fuel disruptions.

The Colonial Pipeline, which delivers about 45% of the fuel consumed on the East Coast, was hit on Friday with a cyberattack by hackers who lock up computer systems and demand a ransom to release them. The attack raised concerns, once again, about the vulnerability of the nation’s critical infrastructure.

The pipeline runs from the Gulf Coast to the New York metropolitan region, but states in the Southeast are more reliant on the pipeline. Other parts of the country have more sources to tap. For example, a substantial amount of fuel is delivered to states in the Northeast by massive tankers.

“What you’re feeling is not a lack of supply or a supply issue. What we have is a transportation issue,” said Jeanette McGee, spokeswoman for the AAA auto club. “There is ample supply to fuel the United States for the summer, but what we’re having an issue with is getting it to those gas stations because the pipeline is down.”

Jamar Gatison, 36, was filling up his tank in Norfolk, Virginia, Wednesday before a doctor’s appointment.

“I’m about to run out of gas, so I have no choice,” the construction worker said while waiting in line at a 7-Eleven. “I’m also an Uber Eats driver. I also need gas for that,” Gatison said, adding that he probably won’t deliver food Wednesday night because he doesn’t want to wait in line again while the shortage continues.

In North Carolina, 28% of gas stations were out of fuel, according to Gasbuddy.com, a technology firm that tracks real-time fuel prices across the…
