Connect with us

News

Log4j Vulnerably To Wreak Havoc On The Internet For Years To Come

Because of how widespread Log4j is, experts estimate that it may take years to hunt down all vulnerable instances and patch them.

Published

on

log4j vulnerability to wreak havoc on the internet for years to come

As if one pandemic wasn’t enough, there’s now also a cyber-pandemic whose scale is increasing at an exponential rate. The cause of this digital pandemic is a zero-day vulnerability in Java-based logging utility called Log4j. This open-source software allows software developers to log data within their applications, and it has been widely used since its release in 2001.

The vulnerability was disclosed on December 9 by the Alibaba Cloud Security Team, which named it Log4Shell (CVE-2021-44228). Two days later, cybersecurity company Tenable described it as “the single biggest, most critical vulnerability of the last decade”.

Since then, the vulnerability has affected many major tech players, including Amazon Web Services, Adobe, Broadcom, Cisco, Docker, F-Secure, IBM, Juniper Networks, Oracle, Red Hat, Siemens, SolarWinds, Sophos, Ubiquiti, Zoho, and others.

“It’s ubiquitous” said Chris Eng, chief research officer at cybersecurity firm Veracode, in an interview for CNN Business. Even if you’re a developer who doesn’t use Log4j directly, you might still be running the vulnerable code because one of the open-source libraries you use depends on Log4j”.

In addition to affecting large swaths of the global IT infrastructure, the Log4Shell vulnerability is also extremely severe because it involves arbitrary code execution. In other words, it makes it possible for attackers to make the vulnerable system do anything they want.

That’s why the Cybersecurity and Infrastructure Security Agency (CISA), the Canadian Centre for Cyber Security (CCCS), and Germany’s Bundesamt für Sicherheit in der Informationstechnik (BSI) have all called on organizations to take on immediate action and install the available fixes, which were released three days before the vulnerability was published.

Also Read: How To Enable WhatsApp Disappearing Messages For All Chats

Still, attackers have already successfully exploited the vulnerability to steal sensitive data, extract system credentials, install backdoors, and run crypto miners. Some of the largest botnets in the world are now scanning for the vulnerability, and almost half of all corporate networks have already been probed.

Because of how widespread Log4j is, experts estimate that it may take years to hunt down all vulnerable instances and patch them. Until that happens, cybercriminals will be on a hunt as well, ready to exploit them.

Advertisement

📢 Get Exclusive Monthly Articles, Updates & Tech Tips Right In Your Inbox!

JOIN 17K+ SUBSCRIBERS

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

1,000 Drones Light The Dubai Sky For AC Milan Celebration

Cyberdrone’s groundbreaking display marked 125 years of AC Milan football club and the 1st-year anniversary of Casa Milan Dubai.

Published

on

Cyberdrone, a leading UAV display company based in Dubai, put on a breathtaking drone light show on Monday to honor two significant football milestones: AC Milan’s 125th anniversary and the one-year anniversary of Casa Milan Dubai.

The spectacle involved 1,000 drones working in perfect harmony to project AC Milan’s iconic imagery against the city’s night sky. Highlights included the UAVs synchronizing to form the club’s iconic crest, the signature red and black jersey, and a special emblem marking its 125th year. The intricate performance demanded meticulous planning, not just in terms of choreography, but also in dealing with the necessary permits and logistics.

cyberdrone ac milan dubai

“Our goal was to spotlight AC Milan’s legacy through a stunning visual narrative,” explained Mohamed Munjed Abdulla, Director of Sales at Cyberdrone. “We celebrated the club’s history, its Dubai milestone, and the universal love for football. The show also enhanced AC Milan’s regional presence, growing its fanbase through a cutting-edge, memorable experience. Drone shows are unparalleled in leaving lasting impressions, making them perfect for driving partnerships and growth”.

Also Read: Joby Begins Construction Of Dubai’s First Vertiport For Air Taxis

Greta Nardeschi, AC Milan’s Regional Director for MENA, echoed the sentiment, adding: “Collaborating with Cyberdrone for this 1,000-drone performance allowed us to connect with our fans in innovative ways. It gave us a unique opportunity to surprise and inspire audiences while elevating our Club’s visibility and that of our partners. Cyberdrone truly helped us take AC Milan to new heights”.

This groundbreaking drone display sets a new benchmark for the Middle East’s sports sector, which already contributes around $2.4 billion annually to Dubai’s GDP alone. Sporting events also generate $1.76 billion in revenues across the region, while the MENA’s entertainment sector, valued at $41.13 billion, is growing at 9.41% annually, driven by rapid technological advancements.

Continue Reading

#Trending