Haven't heard of Log4j before right now? If not, you're certainly not alone but unfortunately it's something you're likely to hear more about in the weeks ahead. It may wind up being the cause of a few headaches for you.
"Log4j" is a Java library. Its function is to log error messages in applications. Consider it akin to an overworked clerk in the back office somewhere.
As is often the case with overworked clerks in back offices, it turns out that they're important. If one of them starts having issues it can have gigantic ripple effects. That's basically what's happening here. This library is open source and is one of the bedrock components of the Java-logging framework.
Recently researchers found a remote code execution flaw in Log4j that is already being exploited in the wild.
The issue is being tracked as CVE-2021-44228 and has a severity score of 10/10 so this issue is as serious as they get. In fact, it's such a major problem that the UK's National Cyber Security Centre has already issued a bulletin about it.
This is a pervasive issue that impacts pretty much every device that's exposed to or connected to the internet and that's running Apache Log4j versions 2.0 to 2.141. Even worse is that there's at least one group of hackers already abusing the flaw. The Mirai botnet targets mostly IoT devices and has been modified with a module that specifically exploits this flaw.
Fortunately, both Cisco and VMware have released patches that address the issue for their products that were affected by the issue. As a whole the industry is moving very slowly when it comes to responding to this threat.
That's dangerous because the global economy absolutely depends on the internet these days. Anything that has a large-scale impact on the web will have enormous ripple effects that will be felt for months if not years.
________________________________________________________________________________________________________
STOP OVERPAYING for CABLE and Netflix!
TeQ I.Q. Service works on "Apple, Android, Roku, Amazon, Computers, and more"
"We Now have TeQ I.Q. VOD+(Video On Demand) The Best VOD Service!
"If you have Netflix or any other VOD Service you should switch to TeQ I.Q. VOD+ Service"
It is better than Netflix with 5 Connections and 4K and 3D included. Better than all other VOD services with Over 30,000 Movies, including New In Theatre Movies, Over 10,000 TV Series and growing. TeQ I.Q. VOD+ adds Movies and TV Series on Request.
Check out our TeQ I.Q. Services at https://www.teqiq.com/tv
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
