Computer log4j Vulnerability - futures io



Computer log4j Vulnerability


Discussion in Off-Topic


  #1 (permalink)
 Powdrpig 
Bend, Oregon
 
Experience: Advanced
Platform: Sierra Chart
Broker: IB
Trading: MNQ/NQ/YM
 
 
Posts: 40 since May 2011
Thanks: 562 given, 66 received

There is a new Chinese internet attack that might compromise your accounts. You might want to do a search for file "log4j" on your computer to see if you have it. If so, check to see if it has the new "2.15.0" file fix. I had it under my Interactive Brokers directory but they did a download update today when I signed on and installed the new file. Hopefully, other brokers and banks are on top of it.

https://www.dailymail.co.uk/news/article-10307697/Chinese-hackers-exploiting-fully-weaponised-Log4shell-software-vulnerability.html

'Log4Shell could wreck the internet' says cybersecurity expert
"The vulnerability comes from Apache's Log4j, a globally popular open source library that helps software developers track changes in applications that they build." (https://www.dailymail.co.uk)

"Never let the fear of strikeouts get in your way." Babe Ruth
The following 6 users say Thank You to Powdrpig for this post:

  #2 (permalink)
 SMCJB 
Legendary Market Wizard
Houston, TX
 
Experience: Advanced
Platform: Trading Technologies
Broker: Primary Advantage Futures. Also ED&F and Tradestation
Trading: Primarily Energy but also a little GE, GC, SI & Bitcoin
 
Posts: 4,410 since Dec 2013
Thanks: 3,756 given, 8,895 received

You're right, sounds like it could be a major vulnerability, as I think it's popular on servers and people often don't update those very often.

For what it's worth, log4j is open source software and not Chinese. Maybe the Chinese try and take advantage of it (probably with the Russians and every other hacker), but it's not Chinese in nature.

The following 4 users say Thank You to SMCJB for this post:
 
  #3 (permalink)
Symple
Zuerich / Switzerland
 
 
Posts: 268 since Sep 2021
Thanks: 353 given, 658 received



The vulnerability, known as CVE-2021-44228, was disclosed on Dec. 9, which allows remote access to servers and code execution, some experts have said. Meanwhile, Log4j is used in a large number of enterprise systems, raising concerns that it may be easily exploited.

Since the vulnerability, which some dubbed “Log4Shell,” is so widespread and is likely present in highly-trafficked websites and apps, users may also see their favorite websites and apps be impacted.

Cybersecurity firms Mandiant and Crowdstrike said that hacking groups are trying to breach systems, and Mandiant described to Reuters that they are “Chinese government actors,” in reference to the ruling Chinese Communist Party.

“Given that Log4j has been a ubiquitous logging solution for Enterprise Java development for decades, Log4j has the potential to become a vulnerability that will persist within Industrial Control Systems (ICS) environments for years to come,” according to a blog post by cybersecurity researchers at Dragos.

A cybercriminal can exploit the flaw by sending a malicious code string that will get logged by the Log4j version, allowing the attacker to load an arbitrary Java code to a server. The vulnerability could potentially allow them to take control of the server.

Federal cybersecurity officials also reportedly expressed alarm over the vulnerability in recent days.

“This vulnerability is one of the most serious that I’ve seen in my entire career, if not the most serious,” Jen Easterly, the head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said on a phone call.

- The full article you will find here: (https://www.zerohedge.com/technology/internets-fire-right-now-millions-devices-risk-over-new-software-vulnerability)

Symple

The following 5 users say Thank You to Symple for this post:
 
  #4 (permalink)
 bobwest 
Site Moderator
Sarasota FL
 
Experience: Advanced
Platform: Sierra Chart
Trading: ES, YM
 
 
Posts: 7,105 since Jan 2013
Thanks: 52,270 given, 23,607 received


Powdrpig wrote:
There is a new Chinese internet attack that might compromise your accounts. You might want to do a search for file "log4j" on your computer to see if you have it. If so, check to see if it has the new "2.15.0" file fix. I had it under my Interactive Brokers directory but they did a download update today when I signed on and installed the new file. Hopefully, other brokers and banks are on top of it.

https://www.dailymail.co.uk/news/article-10307697/Chinese-hackers-exploiting-fully-weaponised-Log4shell-software-vulnerability.html

'Log4Shell could wreck the internet' says cybersecurity expert
"The vulnerability comes from Apache's Log4j, a globally popular open source library that helps software developers track changes in applications that they build." (https://www.dailymail.co.uk)

I've changed the name of this thread from "Chinese Internet Attack" to "Computer log4j Vulnerability".

Kudos to @Powdrpig for first bringing this to the community, but the log4j vulnerability did not originate in China, and is unfortunately much wider and deeper than anything from any hackers, although hackers are extremely interested now that the problem has been found.

The log4j code is intrinsic to the Java programming language, and has been around for a long, long time and appears in lots of places -- applications, server software, gaming software, practically everywhere. It lets a program automatically create and add to a log of whatever events the designers want to keep a log on.

But the problem is that it will execute (run) any programming instructions that it is fed, which is Very, Very Bad:

"Each time log4j is asked to log something new, it tries to make sense of that new entry and add it to the record. A few weeks ago, the cybersecurity community realized that by simply asking the program to log a line of malicious code, it would execute that code in the process, effectively letting bad actors grab control of servers that are running log4j.

"Reports differ when it comes to who first raised the alarm about the vulnerability. Some people say it surfaced in a forum dedicated to the video game Minecraft. Others point to a security researcher at Chinese tech company Alibaba. But experts say it’s the biggest software vulnerability of all time in terms of the number of services, sites and devices exposed."

(Full article here: https://www.washingtonpost.com/technology/2021/12/20/log4j-hack-vulnerability-java/ )

Since this code is found in a lot of places, this is really bad news. Researchers are currently working feverishly to fix it, as detailed in the article. I doubt that a PC user is in much of a position to do anything for their own computer, since the name "log4j" doesn't have to show up anywhere for it to be incorporated into some application you use, and the fix is going to have to come from changing the logging code itself.

It's not something that was planted on your computer -- it's something that is essential for some of your software to run, but it has a serious security hole. It is also larger than your computer, involving cloud services and essentially the entire internet.

Now that it's known, the people who work on fixing these things for a living will plug it up. Make sure you stay current on all updates during this time. It is something of a world-wide priority now, in the tech world, at least, and it will get fixed.

Bob.

When one door closes, another opens.
-- Cervantes, Don Quixote
The following 6 users say Thank You to bobwest for this post:
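
The file search suggested in post #1, combined with the caveat in post #4 that the name "log4j" need not appear anywhere, as an added Python example that is not from any poster in this thread: it opens Java archives, including archives nested inside other archives, looks for log4j-core's Maven metadata, and compares the version with the 2.15.0 fix named above. The sample file names are constructed, and the `FIXED` threshold is an assumption to adjust to whatever your vendor currently recommends.

```python
import io
import pathlib
import re
import zipfile

# Maven metadata that log4j-core carries even when bundled under another file name
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVES = (".jar", ".war", ".ear", ".zip")
FIXED = (2, 15, 0)  # fix version named in the thread; raise it as your vendor advises


def parse_version(text):  # '2.14.1' -> (2, 14, 1); '2.0-beta9' -> (2, 0, 0)
    nums = [int(n) for n in re.findall(r"\d+", text.split("-")[0])]
    return tuple(nums + [0, 0, 0])[:3]


def scan_archive(source, label, findings, depth=0):
    try:
        zf = zipfile.ZipFile(source)  # a path on disk or an in-memory nested archive
    except (zipfile.BadZipFile, OSError):
        return  # unreadable or not a real zip: skip
    with zf:
        for name in zf.namelist():
            if name == POM:
                props = zf.read(name).decode("utf-8", "replace")
                m = re.search(r"^version=(.+)$", props, re.M)
                version = parse_version(m.group(1)) if m else None
                # an unreadable version is flagged for manual review
                findings.append((label, version, version is None or version < FIXED))
            elif name.lower().endswith(ARCHIVES) and depth < 5:
                scan_archive(io.BytesIO(zf.read(name)), f"{label}!{name}", findings, depth + 1)


def scan_tree(root):  # -> [(location, version, needs_update), ...]
    findings = []
    for path in sorted(pathlib.Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in ARCHIVES:
            scan_archive(path, str(path), findings)
    return findings


def build_sample(root):
    # constructed sample: an old copy nested in a fat jar, plus a patched copy
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr(POM, "version=2.14.1\n")
    with zipfile.ZipFile(pathlib.Path(root, "trading-app.jar"), "w") as z:
        z.writestr("lib/logging-bundle.jar", inner.getvalue())
    with zipfile.ZipFile(pathlib.Path(root, "patched.jar"), "w") as z:
        z.writestr(POM, "version=2.15.0\n")
```

Point `scan_tree` at an application's install directory; each result names the archive (with `!` separating nested levels), the version found, and whether it is below the threshold.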




Last Updated on December 21, 2021

