In response to the rising prevalence of ransomware taking advantage of the Log4j vulnerability, Nubeva is offering a simple, combined solution to patch Log4j and protect against ransomware exploits. The software is delivered via a small "launch and forget" sensor for Windows servers and clients where ransomware is most prevalent. Nubeva hopes that these tools can help organizations everywhere mitigate against the exploitation of the Log4j exposure.
Built from Nubebva's core IP, automatically detect and hot patch vulnerabilities found in running programs in real-time, without restarts. The solution provides an immediate and easy fix until permanent code upgrades can be implemented.
The software detects crypto ransomware's file encryptions and intercepts copies of the keys used to lock up the files. With copies of the keys, Nubeva will assist victims to decrypt the files and reverse the attack without paying the ransom.
This tool is designed to provide an immediate, automatic, real-time mitigation to CVE-2021-44228 and CVE-2021-45046.
Hot patching is the technique of injecting code into running program memory in order to fix issues without restarting or rebooting. Hot patches are a solution used when official patches are not available or when restarts cannot be scheduled quickly enough. Several hot patches for Log4j have been released by the industry to fully describe the concept including this one from Amazon Web Services on December 12, 2021.
The Nubeva Auto-Hotpatcher is integrated with Ransomware Reversal capability and delivered as a single executable that installs as a system service. Once installed and authorized, the sensor performs the following Log4j functions:
Nubeva's Auto HotPatcher tool provides a fully automated and turnkey system to auto-detect and auto-hotpatch vulnerable Log4j, in real-time. It uses the AWS hotpatch code. It is intended to provide an immediate and fully automated "fix" for the following scenarios:Against unidentified vulnerabilities that got missed by scanners, is embedded in software or commercial applications you did not check
This product is a new solution for rapid data recovery to quickly restore operations following crypto-based ransomware attacks.
Upon detonation, ransomware encrypts files and holds the keys "hostage" to be purchased in order to decrypt the files. Ransomware Reversal is a system service, that when running on a system, can intercept copies of the encryption keys that are used to lock up the files. Then, once the malware is removed and it is safe to restore data, the keys are used to quickly and easily decrypt the files, without paying the ransom. Nubeva provides utilities and assistance to recover.
Ransomware Reversal is based on Nubeva's patented and proprietary IP called SKI (Session Key Intercept) technology for learning and extracting encryption keys from systems. SKI technology is utilized by many cybersecurity and application monitoring companies today for different decryption applications and uses cases.
The free trial offers the early release product which offers protection against most "known" ransomware. The solution is available for 30 days with the Log4j Auto HotPatcher in order to help protect against ransomware that may have entered an organization via the Log4j vulnerability and may detonate in the future.
When no ransomware events are active, the Nubeva Sensor uses negligible memory and CPU. Nubeva Sensor auto-updates, without restarts, to ensure the latest coverage of ransomware families.
At the end of the trial period, users will have the option to upgrade to a commercial version of our Ransomware Reversal solution or let it expire. The use of the Log4j utility is offered free forever.
Become a part of the early adopter community: Support for these free products is community-based. We welcome any and all product improvement ideas and bug identifications.
These solutions are built and packaged for enterprise use and are targeted for knowledgable cybersecurity and/or IT professionals. Additionally, managed service providers and incident responders are also welcome to use the tools for their customers. Nubeva also offers OEM software licensing options to enable cybersecurity and other solution providers to embed these capabilities into their offerings.