Connect with us


Why the Log4j Vulnerability Makes Endpoint Visibility and Zero Trust Security More Important Than Ever



IT organizations worldwide are still reeling from the discovery of a major security vulnerability in Apache Log4j, an open-source logging utility embedded in countless internal and commercial applications.

By submitting a carefully constructed variable string to log4j, attackers can take control of any application that includes log4j. Suddenly, cybercriminals around the world have a blueprint for launching attacks on everything from retail store kiosks to mission-critical applications in hospitals.

If security teams overlook even one instance of log4j in their software, they give attackers an opportunity to issue system commands at will. Attackers can use those commands to install ransomware, exfiltrate data, shut down operations — the list goes on.

How should enterprises respond to this pervasive threat?

First, organizations need better visibility into both software supply chains and endpoints. They also need a way of delivering patches and updates quickly and comprehensively. Finally, they need hair-trigger segmentation controls over endpoints, so that if attackers do penetrate their network through log4j or any other exploit, they can quickly isolate those endpoints through network segmentation (closing network ports) and prevent the attack from spreading.

Know your code

Organizations need improved visibility into their software supply chains. That means understanding not just what applications they’re running, but also understanding the various components that go into those software applications.

If a software application from vendor X includes a software component from vendor Y, and vendor Y’s software includes a component from vendor Z, then any security vulnerability in vendor Z’s software affects the entire supply chain: vendors X, Y, Z, and all three companies’ customers.

Two recent cyberattacks illustrate the breadth of this kind of vulnerability, which is known as a supply chain compromise.

The first was the SolarWinds data breach, in which attackers broke into the network at software vendor SolarWinds and implanted malware in the company’s Orion network management product. That malware eventually gave attackers access to the networks of thousands of SolarWinds customers, including government agencies.

The second supply chain compromise attack involved software vendor Kaseya. In that case, attackers bypassed authentication controls and plant ransomware in one of Kaseya’s products, which is used by managed service providers (MSPs) to manage remote endpoints. The ransomware eventually affected 1,500 organizations, including Kaseya MSPs and their customers.

When software vulnerabilities are discovered, organizations need to be able to scan their software assets and discover any use of compromised components. This can be trickier than it might seem. When hunting for software components rather than full applications, you can’t just list the applications installed on an endpoint.

You might have to search for filenames or even file hashes, or #include statements within applications themselves. And of course, you need to be able to do this quickly across all your endpoints, including those in remote locations or in the cloud. Time matters. You have just days or even hours before attackers will find the files for you.

Know your endpoints

To scan software on endpoints, you first need to find all your endpoints. Easier said than done. A recent survey found that 94% of organizations have overlooked endpoints on their networks.

You need to know where all your endpoints are and what software components are included in all their applications, so you can take the next step — installing patches and updates — before attackers take advantage of a known exploit.

Patch quickly to eliminate vulnerabilities

Once you’ve identified problematic software on endpoints, you need to patch that software or disable it as quickly as possible.

With comprehensive visibility into software versions active on every endpoint, though, you can target your patches and updates. With an effective endpoint management system, you can install them promptly. And again, accuracy matters.

Some endpoint management systems report that they’ve successfully installed patches when they haven’t. The best practice is to audit some of your installations to ensure your system is performing as expected.

Contain attacks instantly

You’re not always going to win this race against time with every vulnerability in all your organization’s software. Attacks will happen. When they do, you need to shut them down quickly.

With a zero-trust solution in place for endpoints, you can detect attack activity instantly and isolate any compromised endpoints from the rest of your network. Zero-trust technology limits endpoint access only to authorized users by segmenting network traffic. It also blocks the ports and protocols that many ransomware and other malware strains rely on for moving across networks.

Unfortunately, software component vulnerabilities like the log4j vulnerability will likely be an ongoing challenge for IT organizations. But by improving visibility into endpoints and applications, patching quickly and accurately, and using zero-trust technology to contain malware attacks, organizations can minimize the damage of these vulnerabilities.


To learn more, visit us here.



Moroccan B2B ECommerce Platform Chari Nets Funding on $100M Valuation




Morocco-based B2B eCommerce and FinTech startup Chari could see a valuation of $100 million after a new bridge round of funding, TechCrunch reported Thursday (Jan. 20).

Chari functions as a mobile app, allowing traditional proximity store owners in Morocco to order products and have them delivered.

The company is trying to get more into the FinTech space after closing a bridge round which was led by the Saudi Arabia-based venture capital fund Khwarizmi Ventures, AirAngels (Airbnb Alumni Investors) and Afri Mobility, the venture capital arm of AKWA Group.

“Chari will use the money from this bridge round to test the BNPL services with its existing customers,” said Ismael Belkhayat, Chari’s CEO. “Upon successful results, Chari will acquire a local credit company to enable shop owners to lend money to their end users and further grow their business.”

Chari works with over half of the proximity stores in Casablanca, and has expanded into Tunisia. Last August, the company also acquired Karny, a mobile credit book application.

The Karny acquisition gave Chari more data on the loans given by grocery stores to customers, letting it credit assess unbanked shop owners and determine the best payment terms.

Chari was also a participant in the startup investor and incubator Y Combinator S21 batch and raised $5 million in late 2021. PYMNTS writes that Karny’s services help convenience stores use smartphones to manage credit arrangements with customers.

See also: Morocco’s eCommerce Startup Acquires Mobile Credit Book App

The company has around 15,000 convenience store customers. According to Y Combinator’s website, Chari “is an eCommerce and FinTech app for traditional retailers in North Africa allowing them to order any consumer goods they sell and get delivered for free in less than 24 hours.”

Chari also works as a financial services provider for retailers, offering micro-credit facilities.

PYMNTS also reported on Chari’s fundraising last year, writing that it could help the company expand into French-speaking Africa.

Related: Moroccan B2B eCommerce Firm Chari Raises $5M 


Continue Reading


Hudson Swafford Breaks From Pack Late to Win the American Express



Hudson Swafford went eagle-birdie at the 16th and 17th holes to cap a busy final round and win The American Express on Sunday in La Quinta, Calif.

Swafford’s eagle, nine birdies and three bogeys added up to an 8-under 64 that catapulted him to victory after starting the day three strokes off theleaders. At 23-under 265, Swafford beat Tom Hoge (68 Sunday) by two shots.

Brian Harman also shot a 64 earlier in the day to se

Original Post:

Continue Reading


Is Putin Following in Steps of Peter the Great



Three hundred and forty kilometers east of the Ukrainian capital, Kyiv, lies the city of Poltava.

At its heart is a semi-circular square with a cast-iron column and nearly two dozen eighteenth-century Swedish cannons captured in the 1709 Battle of Poltava, a decisive encounter in the Great Northern War, waged between Russia’s Peter the Great and Sweden’s Charles XII for supremacy in eastern Europe.


Original Post:

Continue Reading