I-Aquatic Panda, iqoqo labagebengu baseShayina, lisebenzise ngokuqondile ukuba sengozini kwe-Log4j ukuhlasela isikhungo semfundo esingadalulwanga. Lokhu kuhlasela kutholwe futhi kwaphikiswa ochwepheshe be-Overwatch be-CrowdStrike.
Ngokusho kweCrowdStrike, izigebengu zaseShayina (zesifunda) zihlasele isikhungo semfundo esingadalulwanga besebenzisa ubungozi be-Log4j. Lokhu kuba sengozini kutholwe esimweni esisengozini ye-VMware Horizon yesikhungo esithintekile.
Isibonelo se-VMware Horizon
Abazingeli abasabisayo be-CrowdStrike bathole lokhu kuhlasela ngemuva kokubona ithrafikhi esolisayo ephuma kunqubo ye-Tomcat egijima ngaphansi kwesimo esithintekile. Baqaphe le thrafikhi futhi banquma ku-telemetry ukuthi inguqulo eguquliwe ye-Log4j ibisetshenziswa ukuze kungene iseva. Abaduni baseChina benze lokhu kuhlasela besebenzisa iphrojekthi yomphakathi ye-GitHub eshicilelwe ngoDisemba 13.
Ukuqapha okuqhubekayo komsebenzi wokugebenga kwembula ukuthi izigebengu ze-Aquatic Panda zazisebenzisa okuhamba ngakubili kwe-OS yomdabu ukuze baqonde amazinga elungelo neminye imininingwane yamasistimu nendawo yesizinda. Ochwepheshe be-CrowdStrike baphinde bathola ukuthi izigebengu bezizama ukuvimba ukusebenza kwesisombululo se-endpoint senkampani yangaphandle esisebenzayo (EDR).
Ochwepheshe be-OverWatch babe sebeqhubeka nokuqapha imisebenzi yabaduni futhi bakwazi ukwazisa isikhungo okukhulunywa ngaso ngenqubekelaphambili yokugebenga. Isikhungo sezemfundo singakwazi ukwenza lokhu ngokwaso futhi sithathe izinyathelo zokulawula ezidingekayo futhi silungise isicelo esisengozini.
Abaduni be-Aquatic Panda
Iqembu lamaShayina eligebengayo i-Aquatic Panda belisebenza kusukela ngoMeyi 2020. Abagebengu bagxile kakhulu ekuqoqweni kobuhlakani nobunhloli bezimboni. Ekuqaleni, leli qembu laligxile kakhulu ezinkampanini emkhakheni wezokuxhumana, umkhakha wezobuchwepheshe kanye nohulumeni.
Abaduni basebenzisa kakhulu lokho okubizwa ngamasethi amathuluzi e-Cobalt Strike, okuhlanganisa ne-Cobalt Strike downloader eyingqayizivele ye-Fishmaster. Abaduni baseShayina baphinde basebenzise amasu afana nokulayisha kwe-njRAt ukushaya okuhlosiwe.
Ukuqapha i-Log4j kubalulekile
Ephendula kulesi sigameko, i-CrowdStrike yathi ukuba sengozini kwe-Log4j kuwukuxhaphaza okuyingozi kakhulu futhi izinkampani nezikhungo zingenza kahle uma zihlola futhi zichibiyele amasistimu azo ngalobu sengozini.