Help defend against Log4j

The Log4j vulnerability allows attackers to execute code on remote servers. At-Bay is expanding its partnership with Cloudflare to help you mitigate Log4j attacks.

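On December 9, 2021, a critical vulnerability was disclosed in Log4j, a widely used Java-based logging package. To mitigate attacks, Cloudflare has deployed mitigation rules for all of our customers.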

What is the Log4j vulnerability?

Background

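Log4j is a widely used open-source software library for recording web application activity to logs in memory. These files usually contain information from outside the organization, for example the User-Agent string that a browser sends with an HTTP request.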

The vulnerability

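Unfortunately, the vulnerability in Log4j means that by using special characters in logged data, it is possible to make a computer inside a company execute attacker-controlled code. Through this kind of attack, known as remote code execution (RCE), attackers can break into secure systems that should have been protected.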


How Cloudflare can help

In response to the Log4j vulnerability, Cloudflare has rolled out basic protections to all customers, irrespective of their plan type. As this vulnerability is actively being exploited, Log4j users should update to the latest version as soon as possible.

Cloudflare WAF now includes four rules to help mitigate any exploit attempts. See this blog post for details on how to enable these.

In addition, Cloudflare rolled out a config option for our Logpush service to find and replace known exploit strings in Cloudflare logs to help mitigate the impact of this vulnerability.

A key part of managing cyber risk is a strong security posture, which is why we suggest organizations deploy Cloudflare application security. At-Bay customers subscribing to Cloudflare’s plans will automatically receive mitigation against this vulnerability.

If you have been affected by the Log4j vulnerability or are concerned about its potential impact, sign up now to start using Cloudflare.