GOOGLE is warning users to enable Cloud Console as hackers can exploit Apache vulnerability.
Apache Log4j 2 utility is an open-source Apache framework that is used for logging requests.
A vulnerability was reported on December 9 that could allow systems running Apache Log4j version 2.14.1 or below to be compromised.
Attackers are attempting to scan the internet for vulnerable Log4j with other 100 attempts to exploit the vulnerability every minute, according to researchers at Check Point.
Cybersecurity researchers at Sophos said they detected hundreds of thousands of attempts to remotely execute code using the Log4j vulnerability.
This is a common tactic by hackers to exploit newly disclosed vulnerabilities to have the best chance of taking advantage of them before they’re fixed.
“I cannot overstate the seriousness of this threat. On the face of it, this is aimed at cryptominers but we believe this creates just the sort of background noise that serious actors will try to exploit,” said Lotem Finkelstein, director of threat intelligence at Check Point.
Google recommends that customers upgrade to version v2.15.0 of Log4j as soon as possible. If the upgrade can’t happen quickly, customers can mitigate the issue by setting the “No Lookups property (log4j2.formatMsgNoLookups)” to true.
In addition to updating, Google Cloud Security products can help detect and solve the exploitation problems temporarily until a patch is made.
It’s also recommended that users have a vulnerability scanner to identify issues reported by the National Vulnerability Database.
For more defense until a patch is applied, Cloud Armor can also help mitigate threats. Cloud Armor can be enabled through Cloud Console then Network Security, or via API.
Google stated that they will continue to “actively monitor this event and will provide updates to this blog post.”
The Sun has reached out to Google for comment.
We pay for your stories!
Do you have a story for The US Sun team?