Just when the Microsoft Exchange exploit CVE-2021-26855 thought it would win the “Exploit of the year” award, it got unseated by the – still evolving – Log4J exploit just weeks before the end of the year! Had somebody asked Sysadmins in November what Log4J was then I suspect that the majority would have had no idea. It seems that the biggest challenge the Log4J exploit poses for Sysadmins is simply the fact that nobody knows all the places where Log4J is being used.
Security, by its very nature, is one of the most innovative fields on the planet. Every technological advancement carries with it a handful or more of new attack vectors, which in turn lead to a dizzying amount of security innovation as our industry works to mitigate risk and defend against threats. But for all this innovation, there are a few ways in which security lags far behind.
We live in a technological society, and cyber attacks are on the rise. Much of this fraudulent activity is linked to malicious actors or gangs of cyber criminals who are trying to exploit anything they can get their hands on. By using tools like Cobalt Strike or customized alternatives, they attempt to penetrate an organization's defenses in order to gain leverage, exfiltrate PIIs, plant ransomware or CnC beacons, or perform other kinds of malicious acts.