Security News > 2021 > December

US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. "To be clear, this vulnerability poses a severe risk. We will only minimize potential impacts through collaborative efforts between government and the private sector. We urge all organizations to join us in this essential effort and take action," CISA Director Jen Easterly said at the time.

US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. The order comes through an emergency directive issued by the Cybersecurity and Infrastructure Security Agency today.

Hellmann Worldwide is warning customers of an increase in fraudulent calls and emails regarding payment transfer and bank account changes after a recent ransomware attack. Through an update on its site, Hellmann Worldwide admits that the forensic investigation that followed has confirmed a data breach, but it is still investigating exactly what was stolen.

One in four online shoppers surveyed by Beyond Identity said they'd abandon a shopping cart of $100 or more if they had to reset their password to check out. Beyond trying to deal with password guidelines and enforcement, online companies face a loss of sales as people become frustrated by the whole password process.

Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments. Why are ransomware and the supply chain coming together? Historically, what started out as nation-state techniques make their way into pen-testing and red teaming tools and eventually become commoditized in attacks undertaken by hackers seeking profit.

The RAF has scored its first air-to-air "kill" - where an aircraft downs an enemy aircraft - for almost 40 years after shooting down a drone over Syria. "The engagement took place on 14 December when the drone activity was detected above the Al Tanf Coalition base in Syria," said the MoD. "RAF Typhoons conducting routine patrols in the area were tasked to investigate."

The Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines. Among the first to leverage the bug were cryptocurrency miners, botnets, and a new ransomware strain called Khonsari.

A family-run chain of hotels and restaurants has been grappling this week with the aftermath of a ransomware attack last weekend that may have exposed employees' sensitive personal data, according to multiple reports. The incident - which some have attributed to the Conti gang - forced McMenamins to shut down various operations, though locations could still receive customers.

Below we summarize the multiple relevant CVEs identified thus far, and pretty good reasons to ditch Log4j version 2.15.0 in favor of 2.16.0. CVE-2021-4104 [High]: Did we say Log4j 2.x versions were vulnerable? What about Log4j 1.x? While previously thought to be safe, Log4Shell found a way to lurk in the older Log4j too.

When only the utmost privacy will do for the messages you exchange by e-mail, you need a service that protects them entirely, but many additional privacy and security features are a big help. If you cherish your privacy and security and are looking for an alternative to something like ProtonMail, then the CTemplar End-to-End Encrypted Email Prime Plan: Lifetime Subscription should be exactly what you need.