Jump to content

Newly discovered software flaw leaves millions vulnerable!


Recommended Posts

The top U.S. cybersecurity agency is warning that a new, easy-to-exploit software vulnerability has likely lead to hundreds of millions of computer hacks around the world.

The flaw is in Log4j, a snippet of open-source code widely used in internet applications around the world to help track users’ activity. Since Log4j is used in so many applications, and most modern organizations’ computer networks rely on a hodgepodge of different programs, there are scores of opportunities to exploit that flaw.

In a call Monday with private companies and state cybersecurity officials, Jen Easterly, director of the Cybersecurity and Infrastructure Agency, said it's likely that many computer systems have already been compromised, according to a description of the call provided by an agency spokesperson.

While the vulnerability is unlikely to threaten the security of people's personal devices, it could be used to gain a foothold to hack practically any organization online that doesn't update the software.

Cybersecurity professionals around the world have scrambled in the past few days to fix the flaw, which first gained attention on Thursday after they discovered hackers using it to trick victims into mining small amounts of cryptocurrency for them and to hack private Minecraft servers.

There are not yet many public reports of crippling hacks stemming from the Log4j vulnerability. Still, security professionals spent much of the weekend frantically trying to find and fix every potential place it can be exploited, said Wesley McGrew, a cybersecurity fellow at MartinFederal, a federal contracting company.

“It’s a combination of a new vulnerability being simultaneously widespread and easy to exploit,” McGraw said.



Article by: Kevin Collier - NBC News

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...