The whole Internet is on fire right now because of a newly discovered flaw in a common piece of open-source software is prompting researchers and companies to update their systems in a bid to prevent hacks and ransomware attacks.
Join The True Defender Telegram Chanel Here: https://t.me/TheTrueDefender
“The vulnerability, known as CVE-2021-44228, was disclosed on Dec. 9, which allows remote access to servers and code execution, some experts have said. Meanwhile, Log4j is used in a large number of enterprise systems, raising concerns that it may be easily exploited,” Western Journal reported.
“Cybersecurity firms Mandiant and Crowdstrike said that hacking groups are trying to breach systems, and Mandiant described to Reuters that they are “Chinese government actors,” in reference to the ruling Chinese Communist Party.
“Given that Log4j has been a ubiquitous logging solution for Enterprise Java development for decades, Log4j has the potential to become a vulnerability that will persist within Industrial Control Systems (ICS) environments for years to come.”
Federal cybersecurity officials also reportedly expressed alarm over the vulnerability in recent days.
“This vulnerability is one of the most serious that I’ve seen in my entire career, if not the most serious,” Jen Easterly, the head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said on a phone call.
“This exploit affects many services—including Minecraft Java Edition,” Microsoft stated. “This vulnerability poses a potential risk of your computer being compromised.”