Get Ahead of Cyber Threats
Newsletter

Weekly Threat Pulse (12/15)

By now you have probably heard enough about the Log4j zero-day flaw (CVE-2021-44228), right? You know that it has a vulnerability severity rating of 10 out of 10, with warnings that it can allow unauthenticated remote code execution (RCE) and access to servers. And you know that every vendor and their brother has a solution for you to find it and fix it...after the fact. 

What you probably don’t know is that if you had the Fletch Trending Threats app, even our free version, you would have been ahead of the news. You would have known Friday if you were impacted, and you would have been on the road to recovery before the busy work crept into your weekend.

So when you get a moment over the holiday slowdown, get the Fletch Trending Threats app, connect your vulnerability and/or endpoint products, and know if the top threats in the news impact your organization every day.

Want to learn more about how the Fletch Trending Threats App does the heavy lifting for you, saving you hours each day? Check out this super-brief video.

Last week’s top trending threats

Below are the top 5 trending cyber threats in the news last week. Was your organization impacted? 

As thousands of cyber threats are reported in the news every day, it takes time and resources no one has to sift through them all to identify how critical they are and if they impact your organization. 

Join our waitlist today and automatically know if the latest threats in the news impact your resources.

P.S. See below for more information on the top trending cyber threats in the news last week.

Exploits Swirling for Major Security Defect in Apache Log4j

Enterprise security response teams are bracing for a hectic weekend as public exploits -- and in-the-wild attacks -- circulate for a gaping code execution hole in the widely used Apache Log4j utility. ... Description: Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.

CVEs: CVE-2021-44228


Grafana fixes zero-day vulnerability after exploits spread over Twitter

Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled remote access to local files. ... Grafana Labs received a report about the vulnerability at the end of last week, on December 3, and came up with a fix on the same day.

CVEs: CVE-2021-43798


Russian hacking group uses new stealthy Ceeloader malware

The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. ... While Nobelium is an advanced hacking group using custom malware and tools, they still leave traces of activity that researchers can use to analyze their attacks.

Malware: Cobalt Strike, Ceeloader


Authentication Bypass Vulnerability Patched in User Registration Plugin

On September 16, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “RegistrationMagic – Custom Registration Forms, User Registration and User Login”, a WordPress plugin that is installed on over 10,000 sites. ... This flaw made it possible for unauthenticated attackers to login as any user, including administrative users, on an affected site as long as a valid username or email address was known to the attacker and a login form created with the plugin existed on the site.

CVEs: CVE-2021-4073


Android Security Updates Patch 46 Vulnerabilities

Rolling out to devices as the 2021-12-05 security patch level, it fixes one vulnerability in Media framework, three in Kernel components, two in MediaTek components, three in Qualcomm components, and 22 in Qualcomm closed-source components (including three rated critical severity). ... The same patch level also contains fixes for three vulnerabilities in Framework (two elevation of privilege and one information disclosure, all high severity) and 10 security holes in System (two critical – remote code execution and elevation of privilege – and six high severity).

CVEs: CVE-2021-0967, CVE-2021-0964
