The VPN provider ExpressVPN said it was the first service to provide protection for the recently discovered Log4Shell security gap. How you activate the protection and why this is important, we explain to you here.
Hackers are already actively exploiting the security gap. (Source: Netzwelt)
ExpressVPN has developed its own protection layer and rolled it out this morning on all VPN servers of the service. This means that everyone who uses the ExpressVPN VPN service on their end devices or routers is protected from the Log4j vulnerability. This technology has been activated on the server side so that no user action is required. Of course, ExpressVPN must be activated for this.
ExpressVPN is blocking the Log4Shell port
Peter Membrey, Chief Architect at ExpressVPN, said: “While we are not directly affected by this vulnerability and the security of our corporate systems is intact, we did not want to sit and watch it affect the world. Many of the applications and services that our customers rely on it. Since LDAP is a network protocol, we as a VPN saw the possibility of offering protection against this vulnerability. ExpressVPN blocks the port used by Log4Shell for this purpose.
at ExpressVPN 15 months of ExpressVPN for $ 99.95*
display
Additional measures to protect yourself from the security hole in Log4j
In addition to ExpressVPN with integrated protection, the following measures help to reduce the threat from Log4j:
- Updates the firewall settings and blocks the ports typically used by Log4Shell (RMI – 1099, LDAP – 389, 636, 1389, 3268, 3269 or possibly others)
- Activate auto-updates for all your apps so that the security updates can be installed quickly and automatically
- Immediately installs any security updates provided
- Checks whether you are using software or devices that are vulnerable to the vulnerability. So far it is not clear which programs and online services are all affected by the problem. On Github you will find a constantly updated collection of affected services – including links to the recommendations of the respective developers on what you can do now.
- Keep yourself informed about the current situation
In general, we recommend that you activate 2-factor authentication for the online accounts you use and use secure passwords wherever possible.
What makes Log4Shell so dangerous?
Log4Shell has been rated by security experts around the world with a risk level of 10.0 out of 10.0 and has been described as “the bug that destroys the Internet”.
The problem is that it affects Log4j, a piece of software that is ubiquitous in the Internet infrastructure. As a result, virtually every major service that uses Java, as well as many applications, appears to be vulnerable in some way.
Log4Shell attacks can also be carried out very easily without the victim clicking a link, pressing a button or performing any other action. For example, in the exploit demonstrated in the popular game Minecraft, the malicious actor only had to enter a message in a chat box to gain access to the Minecraft servers.
Are there other VPNs with Log4Shell protection?
Like CyberGhost VPN and Zenmate, ExpressVPN belongs to the Kape group of companies. It can therefore be assumed that work is currently being carried out on an implementation of the protection layer in the VPN services belonging to Kape. Netzwelt assumes that other VPN services such as NordVPN or SurfShark will soon be integrating similar protection mechanisms.
” Tip: The best VPN providers for more security and data protection
