HOW TO PROTECT YOUR NETWORK FROM LOG4SHELL ATTACKS?
Check Point called Log4Shell a true cyber pandemic. Judging by the statistics Check Point has shared, the Log4Shell story is not going to end any time soon. In support of this, Cloudflare, a CDN provider, disclosed on Wednesday attacks against the newly found CVE-2021-45046 vulnerability.
1. Block the Log4Shell IOCs on your firewalls, proxies, endpoints, and any security monitoring solutions, and keep track of any connection established or observed with them in the infrastructure.
2. Isolate the suspected system from the network and keep monitoring the activities.
3. Configure your vulnerability scanning tools, such as Nexpose, Nessus, or QualysGuard, and run automated vulnerability scans.
4. Disable JNDI on all the servers running Log4j. If you are unable to disable Log4j, block all JNDI requests to untrusted servers.
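To support steps 3 and 4, the following added example (not part of the original article) inventories Java archives under a directory and reports every one, including JARs nested inside WAR/EAR or fat JARs, that still ships the log4j-core `JndiLookup` class. The function names `scan_archive` and `scan_tree` are hypothetical, and treating the presence of that class file as the indicator that JNDI lookups are still available is an assumption of this example.

```python
import io
import sys
import zipfile
import zlib
from pathlib import Path

# Class inside log4j-core that implements the JNDI lookup.
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
ARCHIVE_EXTS = (".jar", ".war", ".ear")


def scan_archive(data, label, depth=0, max_depth=4):
    """Return labels of archives (nested ones included) containing JndiLookup.class."""
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            if JNDI_CLASS in names:
                hits.append(label)
            if depth < max_depth:  # bound recursion into nested archives
                for name in names:
                    if name.lower().endswith(ARCHIVE_EXTS):
                        nested = f"{label}!/{name}"
                        hits += scan_archive(zf.read(name), nested, depth + 1, max_depth)
    except (zipfile.BadZipFile, RuntimeError, OSError, zlib.error):
        pass  # corrupt, encrypted or non-archive file: skip it
    return hits


def scan_tree(root):
    """Walk a directory tree and scan every Java archive found under it."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in ARCHIVE_EXTS:
            try:
                hits += scan_archive(path.read_bytes(), str(path))
            except OSError:
                continue  # unreadable file (permissions, races): skip it
    return hits


if __name__ == "__main__":
    found = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    for hit in found:
        print("JndiLookup present:", hit)
    sys.exit(1 if found else 0)  # non-zero exit when anything was found
```

Shaded or relocated builds that rename the package path will not match, so treat a clean result as one input alongside your vulnerability scanner's output rather than a replacement for it.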