In our company's first Trellix Advanced Threat Research report, we share the latest findings on Log4j as well as extensive research into ransomware.
The Trellix (formerly McAfee Enterprise & FireEye) threat research team presents up-to-date data relevant to protecting your business and data.
New research data on Log4j
A new vulnerability affecting the widely used Log4j library was disclosed just in time for the holidays, in what is becoming an ominous tradition. What has been described as the most devastating cybersecurity breach in decades called for action by Trellix and the cybersecurity industry in Q4 2021. The Log4j vulnerability threatened a potentially massive impact on any product that integrated the Log4j library into its applications and websites, including products and services from Apple iCloud, Steam, Samsung cloud storage and many others.
Our team has been closely following Log4j since its discovery. We have released a network signature KB95088 for customers using Network Security Platform (NSP). The signature detects attempts to exploit CVE-2021-44228 via LDAP. This signature can be extended to include other protocols or services, and additional signatures can be released to supplement coverage.
Extensive security information in the report
The report also includes research on indicators for different customer segments, targeted countries, and tools and malware in Q3 2021:
- Log4j: The memory that knew too much
- Ransomware
- Attack Pattern Techniques
- Advanced threat research
- Threats for countries, continents, sectors and vectors
- Living off the Land (LotL) Techniques Q3 2021
- Error Report
- Additional data and research for Q3 2021
About Trellix
Trellix is a global company redefining the future of cybersecurity. The company's open and native Extended Detection and Response (XDR) platform helps organizations facing today's most advanced threats gain confidence that their operations are protected and resilient. Trellix security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to support over 40,000 business and government customers.