Vulnerabilities in the widely used logging system may be behind the recent cyber attacks

2021-12-13 16:11:42 By : Mr. Lester Choo

If this vulnerability is exploited, it will allow remote code execution on key servers used on the Internet.

A few days before Prime Minister Narendra Modi's Twitter account was "briefly hacked", a vulnerability called Log4Shell was discovered that exposed millions of devices to the risk of being compromised or hacked.

If the vulnerability is exploited, it will allow remote code execution on critical servers, which means that attackers may be able to introduce malware.

The vulnerability is in Log4j. The security teams of some of the world's largest technology companies, including Microsoft, Amazon, Twitter, Cisco, and IBM, are scrambling to find a solution.

Applications keep a running record of their activity that can be reviewed in case of errors. This process is called logging.

Unless the vulnerability is fixed, it gives attackers easy access to internal networks, where cybercriminals can plunder valuable data, plant malware, and delete critical information.

Marcus Hutchins, a security researcher known for preventing WannaCry malware attacks worldwide, stated in a tweet on December 10, "This log4j (CVE-2021-44228) vulnerability is very serious. Millions of applications use Log4j for logging; all the attacker needs to do is to make the application record a special string. So far, iCloud, Steam and Minecraft have all been confirmed to have vulnerabilities."

The Guardian quoted Cloudflare's chief security officer Joe Sullivan as saying: "I can hardly think of a company without risk."

In addition, Log4j is installed on millions of servers. According to experts, the consequences of this vulnerability will become clear in the next few days.

There have been several cyber attacks in the past few days. An attacker hacked into the Twitter account of Prime Minister Narendra Modi and tweeted that "Bitcoin is legal tender in India".

Recently, the Brazilian Ministry of Health had 50 TB of vaccination data deleted in a ransomware attack, and BDO Unibank in the Philippines saw funds transferred out of accounts in a complex hacking attack.

However, it is not clear at this stage whether these hackers exploited the same vulnerability.

(At The Quint, we are only responsible to our audience. By becoming members, we play an active role in shaping our journalism. Because the facts are worth it.)