The severity of the vulnerability in Log4j is anything but theoretical. Cybercriminals are scanning ports worldwide, looking for ways to exploit it. Security researchers have observed hundreds of thousands of attacks.
A few days ago, Check Point Software confirmed 470,000 attempts to scan corporate networks worldwide. The scans were carried out, among other things, to find servers that allow external HTTP requests. Such servers can be used to exploit the vulnerability in the Java library Log4j. If a server allows HTTP requests, an attacker can ping the server with a string that points to a remotely controlled location holding Java instructions for executing malware. If the pinged server is connected to a Java application that runs Log4j, the Java application processes the string as a command to execute the malware. The bottom line: the victim's server carries out the attacker's orders. Security firm Sophos says it has identified hundreds of thousands of attackers.
Faces
We previously wrote an article explaining the workings of the Log4j vulnerability described above. The most important precondition for exploitation is the ability to reach a Java application that incorporates Log4j. Sometimes this is child's play. For example, Apple uses Log4j in iCloud to record the names of iPhones. By changing the model name of an iPhone in iOS to instructions for Java, it proved possible to crack Apple's servers.
In other cases, applications are less easy to reach. The greatest threat comes from attackers who already have the knowledge, experience and skills. Security researchers from Netlab360 set up two decoy systems (honeypots, ed.) to invite attacks on Java applications with Log4j. In this way the researchers lured nine new variants of well-known malware types, including MIRAI and Muhstik. The malware variants were designed to exploit Log4j. The goal of the attacks is to strengthen botnets for crypto mining and DDoS attacks. Check Point Software made a similar observation on a larger scale. A few days ago, the security firm registered 846,000 attacks.
Experts
It is clear that cybercriminals are seeking out and exploiting the Log4j vulnerability. The best defense is, and remains, an inventory of all Log4j applications in the environment. If the vendor of an application that uses Log4j has released an update, patching is recommended. If not, shutting the application down is the safest option. The NCSC maintains an overview of the vulnerability of software in which Log4j is incorporated.
At present it is anything but advisable to develop your own software measures or to modify the workings of Log4j. The vulnerability has variations. Microsoft, among others, has detected several variations of the string used to instruct Java applications to run malware. Check Point speaks of more than 60 variants.