Η US Government warned the private sector about high risk of attacks from the security gap in the software Log4j of the Apache Foundation.
Back door in software widely used on Internet servers has signaled an alarm to cybersecurity companies, which warn that no company should feel safe before checking its systems.
The security gap in Log4j software of the institution Apache «is the biggest, most critical vulnerability of the last decade"He said Amit Goran, CEO of the cybersecurity company Tenable and director of the US Cyber Assault Readiness Team.
On Friday, the US government warned the private sector of a high risk of attacks. He even called on companies to provide staff to patch up the security vacuum during the holidays.
«The Internet is on fire right nowHe told Associated Press Adam Meyers, vice president of the cybersecurity company Crowdstrike. Hacker groups have already developed tools that allow them to exploit vulnerabilities for attacks, he said.
«I would find it difficult to think of companies that are not at riskWarned Joe Sullivan security manager in Cloudflare, whose software protects websites from attack.
The software log4j is rather unknown to the average user, but is widely used by software companies to keep track of changes in the applications they develop.
Responsible for log4j are relatively few volunteers of the foundation Apache, which on Friday released a software update that partially fixes the problem. It will take time, however, for the affected companies to be able to identify and update vulnerable systems.
The security loophole allows hackers to enter code into the backup process. The code then tells the server hosting the software to execute a command that gives the attacker full control of the computer.
The foundation Apache was informed of the existence of the vulnerability by Chinese researchers Alibaba, but there are indications that the loophole was exploited in attacks before the security update was issued.
A security update was also issued by Microsoft when it was found that the Minecraft, a video game extremely popular with children. Its users Minecraft exploited the loophole to gain control of foreign computers, cybersecurity researchers say.
American companies Mandiant and Crowdstrike warned that hackers associated with China exploit vulnerability to attacks, while researchers have expressed concern about attacks on large corporate servers such as Apple, Amazon, Twitter and Cloudflare.
Do not forget to follow it Xiaomi-miui.gr on Google News to be informed immediately about all our new articles! You can also if you use RSS reader, add our page to your list by simply following this link >> https://news.xiaomi-miui.gr/feed/gn
Follow us on Telegram so that you are the first to learn our every news!
