December 16, 2021

Log4Shell – Do you know what you don’t know?

by Chiara Regale

Is it just me or is the announcement of a significant CVE becoming a holiday tradition? Discovered on December 9, 2021 by Minecraft players, the Apache Log4Shell vulnerability is uniquely insidious because it infects servers which are traditionally well insulated from attacks, perceived as unreachable by intruders, and not at risk for CVEs. Log4Shell is an entirely different can of worms that proves this assumption wrong.


Using simple text-based chats, Log4Shell essentially gives bad actors the keys to your kingdom by enabling them to download anything web accessible and gain ACE (arbitrary code execution) privileges. At that point, Java reads the log entry as a command and executes it, empowering bad actors to download anything that is network accessible from the infected host.


You’ve probably updated your software and even investigated the vendors you think may have been vulnerable. That means that your network is safe today, but how do you know what was previously at risk? Without historical snapshots and diffing capabilities, you don’t. And that means you may actually still be exposed.

Identify Log4Shell Exposure In Seconds 

READ THE FORWARD USE CASE


Forward Networks customers are not guessing – they are using Forward Enterprise to verify if all hosts, including the ones potentially breached, can communicate with the Internet. Consequently, those hosts that are Internet accessible are the ones that need to be immediately looked at and remediated. Using the blast radius feature, Forward customers can determine in seconds where in the infrastructure compromised end-hosts can and could have reached. Additionally, the network snapshots collected over time provide the necessary data to identify all devices that may have been previously infected or communicated with an infected host.


Forward Networks does not use Log4j in our shipping software (including past versions). If you are a Forward Networks customer and have additional questions, please contact your Customer Support Architect or email support@forwardnetworks.com.

Subscribe to our blog!

RELATED FORWARD CONTENT 
January 25, 2023
MSD Partners Leads Forward Networks $50M Series D Funding

Following 139% year-over-year growth, Forward Networks closed $50M in series D funding. The round was led by MSD Partners with support from new investors, Section 32, and Omega Venture Partners. Demonstrating ongoing support, existing investors Goldman Sachs Asset Management (Goldman Sachs), Threshold Ventures, A. Capital, and Andreessen Horowitz participated in the round. Since its last […]

Read More
January 18, 2023
Forward Networks to Host Cloud Field Day 16

I don’t know which is more exciting: the fact that there’s no rain forecast for the next two weeks or that we’re hosting Cloud Field Day 16 at the Forward Networks headquarters in Santa Clara, CA. It’s a nice dose of synchronicity that we get a break in the rain to dry out and clean […]

Read More
January 11, 2023
How S&P Global Uses a Digital Twin to Deliver Business Value Faster

There are many ways a digital twin can make enterprise networks more secure, agile, and reliable. Actually, there are more ways than we envisioned when we came up with the technology and we’re constantly learning from our customers. Guru Ramamoorthy, VP, Global Head of Network Architecture, Engineering, & Operations at S&P Global, shared how his […]

Read More
crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram