Cybersecurity experts have raised the alarm about a previously unknown critical flaw in a commonly used software tool that could potentially allow hackers to compromise millions of devices connected to the internet.
The fault, known as ‘Log4Shell’, has been described as the “single biggest, most critical vulnerability of the last decade” – which puts it in the running for a place among the biggest glitches in modern computing history. Researchers have warned that the flaw affects servers run by tech giants like Microsoft, Apple, Amazon, and Twitter.
The first indication about the exploit was seen on sites that hosted servers for the hugely popular Microsoft-owned online game Minecraft. Marcus Hutchins, the British security researcher known for halting the WannaCry malware attack, tweeted that apparently some of the game’s users were already using the flaw to remotely run programs on the computers of other users by “simply pasting a short message into a chat box.”
In the case of Minecraft, attackers were able to get remote code execution on Minecraft Servers by simply pasting a a short message into the chat box.
The vulnerability, which is located in ‘log4j’ – an open-source logging tool developed by the Apache Software Foundation – was first reported on November 24 by Chinese tech giant Alibaba. The foundation then rated the severity of the problem at 10 on a scale of one to 10. However, the flaw was only publicly revealed on Thursday.
The logging software is used by Amazon Web Services and other cloud server providers as well as industry and government networks. Logging refers to a process where applications keep a running tab on activities they have performed that can later be reviewed to check for errors. Nearly every network security system uses a logging process, which hints at the scale of the problem.
Noting that hackers had “fully weaponized” the exploit shortly after it was revealed, Adam Meyers – senior vice president of intelligence at cybersecurity firm Crowdstrike – told the AP that the “internet’s on fire right now” as experts raced to patch the flaw while new tools to exploit it were being distributed.
Although a security fix to the log4j tool has been released, Log4Shell will remain a threat during the time it takes to ensure that all vulnerable machines are updated.
source: RT
Împotriva articolelor redacției noastre, persoanele nemulțumite pot formula Contestație în termen de 10 zile de la publicarea articolului, la judecătoria Orășenească nr. 1 München Bayern Deutschland, in conformitate cu Legea federală Germană. Considerăm că nu se pot formula acțiuni la instanțele din România deoarece nici o persoană care activează în trustul nostru nu poate fi extrasă de sub jurisdicția federală germană. Considerăm că redacția noastră nu răspunde în fața autorităților din România ci doar celor federale sau civile germane. deoarece legea română nu are efecte de extraneitate asupra redacției chiar dacă subiectul știrilor face obiectul unor evenimente sau persoane din România și sunt scrise în limba română. Limba română nu este izvor de extraneitate a legii.
absolvent WEB DESIGN Academia Britanică de Comunicare Iasi - absolvent COMUNICARE IN AFACERI Academia Britanica de Afaceri si Comunicare -absolvent JURNALISM EDITORIAL - London School University - 2019 inscris la echivalare diploma la Universitatea Politehnica Timisoara - absolvent studii de Drept Universitatea Europeană Drăgan, cursuri in Drept la Universitatea de Vest Timisoara, absolvent studii de proiectare, pastor coordonator in Biserica Protestanta Evanghelica,
Android Developer pe Google Play și plugin developer la Oxwall, creator de teme Wordpress și Oxwall, operator Wordpress, Drupal, Oxwall, Osclass, Moodle, tehnologii HTML și PHP
The prime minister had claimed those displaying Nazi flags among the Freedom Convoy protesters did not represent the rest of Canada Canadian Prime Minister Justin Trudeau has been accused of provoking the ire of anti-vaxxers after he took aim Freedom Convoy protesters, some of whom had been spotted waving flags associated with the genocidal Nazi […]
Utah is facing legal action over its move to include race as a determining factor in treatment decisions Health authorities in Utah and Minnesota have come under pressure after claims emerged that non-whites were given two extra points on a risk-based scorecard for deciding whether patients would receive Covid antibody treatment. On Wednesday, Fox News […]
A volcano erupted on the Indonesian island of Java on Saturday, reportedly obscuring the sun with a massive cloud of ash, and sending locals into a panic. A clip on social media has captured people, who live at the foot of Semeru volcano, fleeing in fear ahead of a cloud of black ash descending from […]
