Log4j: Why this massive security flaw is impacting nearly all of the internet

News and information from the Advent IM team.

A major cybersecurity vulnerability is impacting nearly all of the internet, sending everything from financial institutions to government entities scrambling to patch their systems, before cybercriminals and nation states can launch cyberattacks.

Known as the Log4j vulnerability, the flaw impacts a piece of open-source logging software that allows developers to understand how their programs function. The idea is to help companies understand potential bugs or performance issues in their own software.

But Log4j, which is part of the software offered by the open source Apache Software Foundation, can be exploited to allow attackers to take over the computers and networks of any organization running the program.

Patches have already been released, but applying them is a different story. Organizations, whether government or private, are notoriously slow when it comes to updating their software.

 

Read via Yahoo

Share this Post