Response Guide

[Alert] Apache Log4j 2 Vulnerability, Update Recommended

The Apache Log4j 2 vulnerability (CVE-2021-44228) was disclosed on Twitter and GitHub along with a PoC on December 10th, 2021. It is a remote code execution (RCE) vulnerability in the Log4j software: a log message can include the address of a remote Java object, which is then run on the vulnerable server. Alibaba’s cloud security team first reported the vulnerability to the Apache Software Foundation on November 24th, 2021, and the first patch was distributed on December 6th, 2021. Patch is continually being released,…

Magniber Ransomware Decryption Tool with Random Vector Recovery Feature

AhnLab’s new Magniber decryption tool reworks the existing tool with a GUI and now supports recovery of the parts that were previously unrecoverable due to the variable vector found since April 8. However, this is limited to cases where an encrypted/decrypted file pair exists along with the extension and key information. The tool is designed to show the key and vector information once the encryption extension is entered. Key and vector information for each extension is kept in a database file named ‘magniber.db’ inside the decryption tool, and it was continuously updated until it expired in October 2019. Recovery is not possible if the key and vector information do not appear after entering the extension….