News
Log4j Vulnerably To Wreak Havoc On The Internet For Years To Come
Because of how widespread Log4j is, experts estimate that it may take years to hunt down all vulnerable instances and patch them.
As if one pandemic wasn’t enough, there’s now also a cyber-pandemic whose scale is increasing at an exponential rate. The cause of this digital pandemic is a zero-day vulnerability in Java-based logging utility called Log4j. This open-source software allows software developers to log data within their applications, and it has been widely used since its release in 2001.
The vulnerability was disclosed on December 9 by the Alibaba Cloud Security Team, which named it Log4Shell (CVE-2021-44228). Two days later, cybersecurity company Tenable described it as “the single biggest, most critical vulnerability of the last decade”.
Since then, the vulnerability has affected many major tech players, including Amazon Web Services, Adobe, Broadcom, Cisco, Docker, F-Secure, IBM, Juniper Networks, Oracle, Red Hat, Siemens, SolarWinds, Sophos, Ubiquiti, Zoho, and others.
“It’s ubiquitous” said Chris Eng, chief research officer at cybersecurity firm Veracode, in an interview for CNN Business. Even if you’re a developer who doesn’t use Log4j directly, you might still be running the vulnerable code because one of the open-source libraries you use depends on Log4j”.
In addition to affecting large swaths of the global IT infrastructure, the Log4Shell vulnerability is also extremely severe because it involves arbitrary code execution. In other words, it makes it possible for attackers to make the vulnerable system do anything they want.
That’s why the Cybersecurity and Infrastructure Security Agency (CISA), the Canadian Centre for Cyber Security (CCCS), and Germany’s Bundesamt für Sicherheit in der Informationstechnik (BSI) have all called on organizations to take on immediate action and install the available fixes, which were released three days before the vulnerability was published.
Also Read: How To Enable WhatsApp Disappearing Messages For All Chats
Still, attackers have already successfully exploited the vulnerability to steal sensitive data, extract system credentials, install backdoors, and run crypto miners. Some of the largest botnets in the world are now scanning for the vulnerability, and almost half of all corporate networks have already been probed.
Because of how widespread Log4j is, experts estimate that it may take years to hunt down all vulnerable instances and patch them. Until that happens, cybercriminals will be on a hunt as well, ready to exploit them.
News
Joby To Establish All-Electric Air Taxi Ecosystem Across The UAE
The comprehensive agreement with Abu Dhabi’s government includes a training program, infrastructure development, and a manufacturing presence.
All-electric aircraft company Joby Aviation has secured three separate agreements with departments of Abu Dhabi’s government that lay the groundwork to develop and scale air taxi services in the Emirate and beyond.
The deal was signed at the recent DRIFTx thought-leadership and exhibition platform and gave Joby exclusive rights to not only operate air taxi services in Dubai but also unlock inter-emirate services between Abu Dhabi.
Joe Ben Bevirt, founder and CEO of Joby Aviation, said: “Today’s agreement demonstrates the incredible momentum behind the adoption of clean flight across the UAE. We’re looking forward to delivering a fantastic experience for our future customers in Abu Dhabi and we’re excited to be unlocking the potential for zero-emissions flight between Abu Dhabi and Dubai. We’re grateful for the support and collaboration of our governmental partners and the entire ecosystem in Abu Dhabi and we remain deeply impressed by their commitment to building out a world-class aviation ecosystem in the Emirate”.
Joby’s all-electric aircraft went on display for the first time in Abu Dhabi’s Yas Marina at the DRIFTx event. The air taxi is designed to carry a pilot and four passengers and can reach speeds of 200 miles per hour (321 km/h). The zero-emission craft is said to have an extremely low acoustic footprint and can travel a maximum of 100 miles (161 km) on a single charge.
Also Read: Lebanese Newspaper Builds AI President To Beat Political Crisis
Once operational, Joby’s air taxi fleet would enable fast, clean travel across the UAE, with journeys between Abu Dhabi to Dubai taking just 30 minutes compared with two hours by car during peak times.
Joby continues to work closely with the UAE’s General Civil Aviation Authority (GCAA) to help the Emirates become a world leader in the introduction of air taxis. Additional testing and analysis will be required before inter-emirate travel becomes a reality, but the cutting-edge technology already appears to have great potential.