Mayhem with a capital M
Author: Roel de Bruijn, Manager Managed Operational Security @Quistor
November 24, 2021. In China, a researcher working at Alibaba discovers a vulnerability and reports it to the developers of the affected code. In the following days, information starts spreading that the discovered vulnerability resides in a widely used piece of code.
Alarms are triggered at government agencies all over the world. News bulletins dedicate full attention to it.
“A vulnerability in a widely used logging library has become a full-blown security meltdown, affecting digital systems across the internet.”
What we are referring to here is the log4j vulnerability, also known as CVE-2021-44228. It affects the Apache Software Foundation’s log4j, a popular open-source logging library used in many applications and systems worldwide. The vulnerability allows remote attackers to execute arbitrary code, which can lead to data breaches, ransomware attacks and other security incidents.
Because of the widespread usage of log4j and the potential damage the vulnerability may cause when exploited, the vulnerability immediately gets tagged with the highest security labels. Crisis teams are established, and the impact is being scoped. Security bulletins are sent out by the government agencies to the corporate world to warn and inform that it is “highly likely that software used in your company is affected by this vulnerability.” As much information as possible is gathered about the vulnerability and the usage of the logging library in other applications. Via easily accessible channels open to contributions, like GitHub, information is made available and shared globally.
Meanwhile, the Apache Software Foundation develops and releases a fix. Vendors, Oracle among them, start releasing quick fixes, followed by patches for the products that use the log4j code (see Oracle Security Alert Advisory - CVE-2021-44228).
At managed services providers, emergency response teams have gathered. Quistor is reaching out to customers to inform them and to aid in mitigating the risk on their affected systems as soon as possible. The resulting tasks are carried out by the various managed services technical departments. With this, the first mitigation of the vulnerability is in place.
During the next days and weeks, the final released patches are implemented, and checkups are done to complete the mitigation of the risk.
Overall, the log4j vulnerability has exposed the vulnerability of many organizations' IT infrastructure and the importance of having robust security measures in place. It has emphasized the need for organizations to take a proactive approach to IT security:
- Develop and implement effective security strategies that can protect against current and future threats.
- Monitor, identify, and track where third-party code is used.
- Centralize security operations and establish dedicated task forces for it.
Increased Attack Surface
Nowadays, security patch management is more important than ever. With more employees working remotely and thus using various devices to access company data, the attack surface has expanded significantly, making it easier for hackers to find weaknesses to exploit.
Security patches are software updates designed to fix vulnerabilities and bugs in an operating system, application or software. These updates are released by vendors to address security weaknesses that have been identified and, by applying them, companies can significantly reduce the risk of a security breach. The longer a vulnerability goes unpatched, the greater the risk of a successful attack.
This is why it is crucial for companies to stay code-current and ensure that the latest security patches are applied promptly.
Stay Code-Current!
Upgrading JD Edwards ERP to the latest JDE Tools Releases once they are released ensures that you stay code-current and that the latest JD Edwards security fixes are applied to the core application code. Upgrading JD Edwards to newer versions also ensures that, to meet the minimum technical requirements, surrounding products are kept up to date, which keeps them eligible for security hardening fixes and patches. Our Quistor specialists have years of experience in assisting with upgrade projects for the JDE application as well as for JDE Tools Releases. As part of continuous improvement in Managed Services Technical SLAs, we will recommend doing so where we see fit.
But there’s more...
So now that you have ensured that your JD Edwards implementation is code-current, what about the surrounding applications and operating systems?
Next to the core JD Edwards application, there are the Operating Systems and Middleware solutions (e.g. Java, WebLogic Server) as required components for hosting the JD Edwards application. Also think about systems used for interfacing. It’s vital to have a broad view and to give a similar amount of attention to every component of the system landscape when taking Security into consideration.
For most Operating Systems and Middleware solutions, regular Security patch sets are released on a fixed schedule. For example, Oracle releases Security Patches every 3rd Tuesday of each quarter. Microsoft “Patch Tuesday” is every 2nd Tuesday of the month.
“Are you concerned about the security of your company's digital assets? As cyber threats continue to grow in complexity and frequency, it's essential to have a reliable and effective security strategy in place. That’s where Quistor Managed Operational Security (MOS) services come into play.”
Quistor Managed Operational Security
As a managed services provider, Quistor has invested in a new ‘Managed Operational Security’ (MOS) department, a dedicated, centralized team that can assist organizations in mitigating the technical risks associated with vulnerabilities in the systems and software in the scope of our Support.
The Managed Operational Security department, at present, offers a range of services, including JD Edwards vulnerability assessments and Security patching. We can work autonomously or closely together with your own cyber security staff, as per agreement.
From this newly established department, Quistor can unburden you, for example by taking responsibility for prioritizing and applying the latest Security patches upon release to the systems and software in scope of our Support. This is a critical service that helps protect your IT infrastructure from security vulnerabilities and cyber-attacks.
As we grow our department, we are also developing strategies to provide more tailored security services. Think of promoting EDR/XDR endpoint solutions for IaaS or on-premises systems via partnerships, and of security bulletins and proactive, best-practice-based security consultancy around the applications and systems we Support.
With Security Patching services added to your SLA, we can provide:
- Proactive critical patch management: Quistor MOS can take a proactive approach to patch management by monitoring the latest security patches as they become available and prioritizing those that are critical for your IT environment. This, combined with applying the regularly released patch sets at scheduled intervals, ensures that your systems and applications are up to date with the latest critical security patches, reducing the risk of cyber-attacks and security breaches.
- Timely patch deployment: We can deploy regularly released security patch sets in an efficient and timely manner to minimize the risk of vulnerabilities being exploited by cybercriminals. Typically, we schedule patch deployments during non-business hours to minimize disruption to your operations.
- Compliance management: We help you to meet compliance requirements by ensuring that all security patches are applied in a timely manner and providing documentation to demonstrate that your IT infrastructure is up to date with these latest security patches.
- Reduced workload: By relying on a managed services provider to run your patch management process, you can reduce your IT team's workload and free up resources to focus on more strategic projects. This can help you save time and money while ensuring that your IT infrastructure is secure and up to date.
Don't leave the security of your organization's digital assets to chance. Contact us today to learn more about how our Quistor Managed Operational Security services can help you achieve greater peace of mind and protect your business from cyber threats, while reducing your workload and allowing you to focus on more strategic initiatives.