arademm / Responding_to_a_Zero-Day_Vulnerability

Responding_to_a_Zero-Day_Vulnerability

I was eager to gain hands-on experience in how to protect businesses from cyberattacks, so I participated in a virtual internship with AIG in their Shields Up: Cybersecurity program.


My first task was to research a new zero-day vulnerability in Apache Log4j reported by CISA. I knew that this was a serious vulnerability, so I immediately began to research it.

https://www.cisa.gov/news-events/news/cisa-fbi-nsa-and-international-partners-issue-advisory-ransomware-trends-2021


https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-356a

I read the CISA advisory and other security blogs and articles about the vulnerability. I learned that Log4j is a popular logging library used by many different applications. The vulnerability allows an attacker to execute arbitrary code on a system by sending a specially crafted message to a vulnerable application.

I then analyzed the Infrastructure List to see which teams might be affected by the vulnerability. I found that the Product Development Staging Environment, the Marketing Analytics Server, and the Human Resource Information System all use Log4j.

[Image: Infrastructure List]

I sent an email to the team leads of these teams to inform them of the vulnerability and to recommend that they take steps to mitigate the risk. I also included a link to the CISA advisory and other resources.

[Image: advisory email to alert the infrastructure owner of the seriousness of this vulnerability]

The team leads were grateful for the information and took steps to patch their systems. The vulnerability was successfully mitigated and no systems were compromised.


This incident taught me the importance of staying up-to-date on emerging vulnerabilities. It also taught me the importance of communicating effectively with stakeholders to ensure that they are aware of the risks and can take steps to mitigate them.