Cybersecurity Attacks are increasing, what can you do?

Cybersecurity attacks are still on the rise. Some of the latest means of attack include exploiting the Log4j vulnerability and spreading the Emotet malware. Today we will give you the information you need to help protect your systems from these potentially very harmful exposures.

Log4j or “Log4Shell”

Log4j is a logging framework that developers use to record the behavior of apps and users. The records help them maintain and improve the software they have designed. It is freely distributed by the Apache Software Foundation. Log4j has been downloaded millions of times and is widely used to collect information across corporate computer networks, websites and applications.

Researchers at Check Point Software have indicated that there are over 100 attempts to exploit the vulnerability every minute. The Log4j exploit could give hackers just what they need to take control of your computer systems, install malware, steal user credentials and passwords, etc. This is not only a severe concern, it is also being actively exploited: at least one Iranian state-backed threat group is targeting the vulnerability. Attackers are targeting servers, virtual machines, PCs, and IP cameras to deploy ransomware, remote access Trojans, and web shells on vulnerable systems. So it is affecting everyone, and no one is exempt.

For more business-level information, here is a link to a Wall Street Journal article on Log4j: What Is the Log4j Vulnerability? – WSJ

Emotet

Emotet is apparently the “gift that keeps on giving” for attackers. First found in the banking industry in 2014, this malware was once described as the “world’s most dangerous malware”. Over the years it has evolved into the go-to solution for cybercriminals. Emotet became a malware that was offered for hire to other cybercriminals to install additional types of malware, such as banking Trojans or ransomware, on a victim’s computer.

The infection occurs via a macro-enabled document file that spreads through spam emails (malspam). Emotet uses social engineering tricks to look legitimate and lure the victim into downloading the malicious Office file and enabling macros. Emotet avoids detection by using a password-protected Office Application project and hidden macros. Once installed, the malware can update itself in the same way as operating system updates to a PC, seamlessly and without the user noticing. This allows the attackers to install updated versions of the software, install additional malware, or steal information such as user credentials and email addresses.

Considered the world’s largest malware botnet, Emotet was taken down by global law enforcement in early 2021. Unfortunately, cyber attackers don’t rest on their laurels, and it was back starting in November 2021.

Microsoft has produced a December security rollout, including 67 security patches that address the spreading Emotet, one zero-day and five more publicly known vulnerabilities.

Gannon Computer & Consulting is actively ensuring all systems under our management are protected against this very dangerous malware and these exploits.

Gannon MSP Inc.