Cyber threat intelligence expert Anis Haboubi has warned financial-industry organizations around the world of the persistent risk of attacks exploiting the years-old Apache Log4j2 vulnerability tracked as CVE-2021-44832, as evidenced by the recent breaches at U.S. business intelligence software company Sisense and cloud storage provider Snowflake, whose systems are widely used in the sector, reports Security Affairs.
Both firms may have been infiltrated through attacks exploiting the flaw before threat actors proceeded to exfiltrate troves of customer data, which could be leveraged to facilitate compromise of interconnected financial systems, said Haboubi. Sisense was also found to have been particularly susceptible to the attack due to its lack of PEM key-based authentication, which it has since addressed.
Such a development should prompt organizations to ensure that logging configurations are updated and strong SSH security measures are in place, noted Haboubi in a post on X, formerly Twitter.