3rd Party Risk Management , Application Security , Business Continuity Management / Disaster Recovery

Ransomware Gatecrashes the Apache Log4j Attack Party

Also: Lessons Learned From Log4j; Security Flaw Affects Vehicles Built by Tesla
Ransomware Gatecrashes the Apache Log4j Attack Party
CISA Director Jen Easterly, who discussed Log4j vulnerabilities on Jan. 10 (Photo: Fortune Brainstorm TECH via Flickr/CC)

The latest edition of the ISMG Security Report features an analysis of how attackers are distributing Night Sky crypto-locking malware to exploit Log4j vulnerabilities, lessons learned from Log4j and a security flaw that affects some Tesla-built vehicles.

In this report, you'll hear (click on player beneath image to listen):

  • ISMG's Mathew Schwartz discuss how attackers wielding Night Sky ransomware are among the latest groups that have been attempting to exploit serious vulnerabilities in widely used Apache Log4j software;
  • CISO of the Government of Alberta Martin Dinel share significant lessons learned from Log4j shell mitigation efforts;
  • ISMG's Jeremy Kirk describe how a security researcher discovered a software flaw affecting a small number of Tesla vehicles, allowing him to unlock doors and windows, start vehicles without keys and disable security systems.

The ISMG Security Report appears on this and other ISMG websites on Fridays. Don't miss the Dec. 31 and Jan. 7 editions, which respectively discuss highlights from interviews in 2021 and the recent surge in Russian cyber interference in Ukrainian government and civilian networks.

Theme music for the ISMG Security Report is by Ithaca Audio under a Creative Commons license.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.