Attention: Federal Office warns about massive and dangerous IT security vulnerability “Log4j”

Dear Sir or Madam,
Over the weekend, the BSI (German Federal Office for Information Security) published a letter about a very threatening vulnerability in an open source software called Log4j.

The vulnerability has a threat score of 10 out of 10.
Description:

log4j is a framework for logging application messages in Java. Within many open source and commercial software products, it has become a de facto standard over the years. log4j is considered a pioneer for other logging frameworks, even in other programming languages.

What does this mean in plain language?

Currently, hackers from all over the world are scanning systems accessible from the Internet to detect the vulnerability. Our customers and we ourselves will also be affected by these scans.

The bad news first:

The above technology is used by just about every major software vendor in some of their products: VMware, Cisco, UniFi, SAP, and many more.

If the vulnerability is found, it can be exploited to execute arbitrary code on the target system. This means an attacker can do whatever they want with the system, e.g. copy the complete customer database, steal patents or spy out access data, for example for online banking.

The good news:

CosH’s IT security team has been busy analyzing the vulnerability since Sunday.

The most important thing is that you and your colleagues remain calm.

One of the biggest problems with the vulnerability is that the Log4j software (or framework) is used by just about every software vendor. This means that not only the IT base we manage is affected, but probably also many of the programs you use on a daily basis.
We are going through customers who have active Managed Firewall and Managed Endpoint Security or SD WAN service contracts with us, customer by customer.
We proceed as follows:
  1. Analysis of security logs from firewall and endpoint security
  2. In case of suspicion or finding of incidents we contact you proactively by phone
  3. We discuss the next steps by phone
Please refrain from contacting our technicians directly by phone on the subject. We need all resources for the security checks.

How to check via your vendor whether your software uses Log4j:

  1. Open Google
  2. Enter the following CVE code plus the name of your software, e.g. CVE-2021-44228 SAP
  3. If the manufacturer already has information about the vulnerability, you will find something about it on the website.
  4. Follow the information and order the installation of updates for your software.
  5. If you do not find any information, try the same again the following day.
  6. If you have not found any information after 7 days, you should contact your system vendor by email and explicitly ask whether the Log4j framework is used in your software.

Here are some things you might want to check:

ERP System, CRM System, Banking Software, Time Recording Software, Accounting Payroll Software, Document Management Software, Telephony Software, Video Chat Software

On Wednesday, 15.12.2021, from 11:00 to 12:00, we are holding an online information meeting on the current situation.

When?
15.12.2021

Time:
11:00 – 12:00

Where?
Online

Everyone is welcome to participate. Just click on the button below on Wednesday at 11:00:
