
Apache Log4j threat persists in global finance sector


Cyber threat intelligence expert Anis Haboubi has warned financial-sector organizations around the world of the persistent risk of attacks exploiting the years-old Apache Log4j2 vulnerability, tracked as CVE-2021-44832, reports Security Affairs. The risk is evidenced by the recent breaches at U.S. business intelligence software company Sisense and cloud storage provider Snowflake, both of which have systems widely used in the sector.

Haboubi said both firms may have been infiltrated through attacks exploiting the flaw before threat actors exfiltrated troves of customer data, which could be leveraged to facilitate compromise of interconnected financial systems. Sisense was also found to have been particularly susceptible to the attack because it lacked PEM key-based authentication, a gap it has since addressed.

The incidents should prompt organizations to keep logging configurations updated and to enforce strong SSH security measures, Haboubi noted in a post on X, formerly Twitter.
