IGI CyberLabs has added scanning for Log4j vulnerabilities to its Nodeware vulnerability management solution.
The new functionality employs agents and sensors to search for both the CVE-2021-44228 and CVE-2021-45046 versions of Log4Shell, a vulnerability impacting Apache’s enormously popular Log4j logging library. Results from those scans, which appear alongside other data in Nodeware’s dashboard and reports, identify not only potentially exposed devices but specific Java applications with Log4Shell vulnerabilities on those devices.
“Nodeware Agents and credentialed scans can now pick up the updates and additional content automatically with no user intervention required,” said Stuart Cohen, president of IGI CyberLabs, in a media statement. “This level of identification of Log4j is critical for all companies as this flaw continues to enable attackers of any skill level to remotely take control of a vulnerable system and cause serious damages.”
Log4j scanning is an automatic update to Nodeware available immediately to all users who have enabled credentialed scanning.
Discovered last month, Log4Shell enables attackers to control computers running Log4j 2 remotely using text messages. Nation-state actors and ransomware-associated access brokers, among others, have been actively testing and implementing exploits that leverage the vulnerabilities, according to Microsoft. Millions of devices run Log4j, and experts expect Log4Shell issues to persist for months if not years to come.
Last week, the Federal Trade Commission warned businesses that it “intends to use its full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of Log4j, or similar known vulnerabilities in the future.”
“Nodeware’s scanning capabilities coupled with a dashboard that combines Log4J scans with other vulnerability data is paradigm changing for SMBs,” said Chuck Brooks, president of cybersecurity firm Brooks Consulting International, in prepared remarks. “Businesses will no longer have to rely on manually prepared scripts to fight the exploits. Instead, SMBs can now use a fully integrated and automated dashboard for Program Vulnerability Management to meet the threats posed by Log4J.”
Infinite Group Inc. (IGI) launched IGI CyberLabs as a wholly-owned subsidiary exclusively focused on Nodeware in June. The product automatically identifies PCs, servers, video surveillance cameras, edge appliances, Internet of Things hardware, and other network-connected devices and then checks for gaps in their defenses. The system uses a lightweight agent and doesn’t require physical or virtual host hardware. A multi-tenant management interface and APIs for connecting the system to PSA and RMM platforms make Nodeware an option for MSPs as well as corporate IT departments.
IGI CyberLabs added support for Linux devices to Nodeware last November.