News
Log4j Vulnerably To Wreak Havoc On The Internet For Years To Come
Because of how widespread Log4j is, experts estimate that it may take years to hunt down all vulnerable instances and patch them.
As if one pandemic wasn’t enough, there’s now also a cyber-pandemic whose scale is increasing at an exponential rate. The cause of this digital pandemic is a zero-day vulnerability in Java-based logging utility called Log4j. This open-source software allows software developers to log data within their applications, and it has been widely used since its release in 2001.
The vulnerability was disclosed on December 9 by the Alibaba Cloud Security Team, which named it Log4Shell (CVE-2021-44228). Two days later, cybersecurity company Tenable described it as “the single biggest, most critical vulnerability of the last decade”.
Since then, the vulnerability has affected many major tech players, including Amazon Web Services, Adobe, Broadcom, Cisco, Docker, F-Secure, IBM, Juniper Networks, Oracle, Red Hat, Siemens, SolarWinds, Sophos, Ubiquiti, Zoho, and others.
“It’s ubiquitous” said Chris Eng, chief research officer at cybersecurity firm Veracode, in an interview for CNN Business. Even if you’re a developer who doesn’t use Log4j directly, you might still be running the vulnerable code because one of the open-source libraries you use depends on Log4j”.
In addition to affecting large swaths of the global IT infrastructure, the Log4Shell vulnerability is also extremely severe because it involves arbitrary code execution. In other words, it makes it possible for attackers to make the vulnerable system do anything they want.
That’s why the Cybersecurity and Infrastructure Security Agency (CISA), the Canadian Centre for Cyber Security (CCCS), and Germany’s Bundesamt für Sicherheit in der Informationstechnik (BSI) have all called on organizations to take on immediate action and install the available fixes, which were released three days before the vulnerability was published.
Also Read: How To Enable WhatsApp Disappearing Messages For All Chats
Still, attackers have already successfully exploited the vulnerability to steal sensitive data, extract system credentials, install backdoors, and run crypto miners. Some of the largest botnets in the world are now scanning for the vulnerability, and almost half of all corporate networks have already been probed.
Because of how widespread Log4j is, experts estimate that it may take years to hunt down all vulnerable instances and patch them. Until that happens, cybercriminals will be on a hunt as well, ready to exploit them.
News
The New Nissan Patrol Makes Its Worldwide Debut In Abu Dhabi
The seventh-gen off-roader boasts a bold new design, powerful V6 twin-turbo engine, adaptive air suspension, and plenty of cutting-edge technology.
Yesterday, Nissan revealed the all-new seventh-generation Nissan Patrol to an excited audience in Abu Dhabi. The launch marks a significant milestone for the iconic off-roader, whose unveiling drew an audience of royals, VIPs, top Nissan executives, dealers, media, and prospective buyers.
During the event, Nissan president and CEO Makoto Uchida said: “The all-new Patrol is a prime example of the exciting and empowering models we are delivering under our global business plan, The Arc. The seventh generation is a bold leap forward, blending unparalleled performance, cutting-edge technology, and a commanding presence to redefine what an SUV can be”.
A Legendary Off-Roader, Reinvented
The all-new Nissan Patrol has updated styling that exudes strength and durability. The bold exterior, paired with 22-inch alloy wheels, comes in seven distinctive colors, four of which are two-tone combinations, allowing drivers to customize the Patrol to suit their personal style.
Enhanced Power And Performance
This latest Nissan Patrol is the most powerful version of the off-roader yet, thanks to a newly developed 3.5-liter V6 twin-turbo engine. This powerplant delivers 425 horsepower and 700 Nm of torque, channeled through a sophisticated 9-speed automatic transmission.
The Patrol’s dynamic suspension utilizes advanced e-damper technology that adapts automatically to varying driving conditions. Meanwhile, adaptive air suspension allows drivers to adjust the vehicle’s ride height, ensuring a seamless transition between highway driving and challenging off-road conditions.
Luxurious Interior And Advanced Technology
Inside, the all-new Patrol offers a spacious, luxurious cabin. A panoramic sunroof lets in natural light, creating an airy and inviting environment. Infotainment includes a 28.6-inch main display, complemented by two 14.3-inch displays for navigation, media, and vehicle settings. Rear passengers can enjoy (optional) dual 12.8-inch screens supporting Miracast, HDMI, and USB inputs.
The Patrol’s sound system features 12 Klipsch Premium speakers, delivering exceptional audio quality. Connectivity comes courtesy of NissanConnect 2.0 and Google Built-In, providing seamless smartphone integration for everyone inside.
Also Read: Initial Trials Of Dubai’s Driverless Evocargo Trucks Completed
A final interesting feature of the new Patrol is its Biometric Cooling. The system uses an infrared sensor to monitor the body temperature of front and second-row occupants, automatically adjusting airflow to provide optimal comfort.
The all-new Nissan Patrol will soon be available across the UAE, Saudi Arabia, and the rest of the Middle East, with the first orders arriving from November 1, 2024.