Log4j, the serious security flaw affecting big tech companies

Log4j Cyberattacks

A serious cybersecurity flaw has set off all the alarms and has experts trying to fix it as soon as possible. This vulnerability, which has been described as being of “catastrophic proportions.” by the CEO of cybersecurity firm LunaSec, has been given the name Log4j and was discovered last week.

Hundreds of millions of devices worldwide could be accessing services affected by this vulnerability

The flaw has been detected in the software that many large organizations use to configure their applications, so que repercussions can be very serious. This system, for example, is used in Apple’s cloud computing or by the servers of the video game Minecraft, one of the most popular in the world.

Log4j provides software developers with a platform on which they can build their applications and log application activity data. It is a free and open source tool, so anyone can have access to it and its use is widespread throughout the network. Companies like Appel, IBM, Google or Amazon use it. That means that, worldwide, there may be hundreds of millions of devices accessing services affected by this security flaw.

Hackers and cybercriminals are taking advantage of this breach to launch constant attacks against companies and institutions. This week, and according to data from the cybersecurity company Check Point, have been recorded more than 100 hacking attempts per minute linked to Log4j. Microsoft has warned in a statement that, according to its analysts, there are hackers backed by Chinese, Iranian, North Korean and Turkish states who are trying to exploit this security flaw.

Should any of these attacks succeed, hackers could gain access to the main servers of large companies.. and institutions. This would allow them to tap into all their information and communication networks.

According to experts, there is not much users can do to protect themselves from this vulnerability. It is up to the companies and developers to fix the flaw to prevent further attacks. However, it is advisable to be aware in the coming days and weeks to the updates of apps and devices proposed by the companies. Executing them as soon as possible can be a guarantee that the vulnerability does not affect the equipment.

Click to rate this entry!
(Votes: 0 Average: 0)

Leave a Comment