Portuguese 
Spanish 
3 min of reading 
Security Technicians Are Working to Fix a Widespread Software Flaw That Could Trigger Cyberattacks
Cybersecurity officials at major technology companies are working tirelessly to fix a software flaw that could lead to new cyberattacks in a commonly used software. The bug in an obscure server called Log4j has prompted investigations into the impact of the issue on the site of Amazon.com, Twitter, Microsoft, and Cisco Systems, according to the companies.
Check Also:
- Petrobras reportedyesterday (12/13) that it had to halt gas production at the Manati field in Bahia
- Petrobras reported yesterday (12/13) that it received authorization for operational tests at the GasLub Pole in Itaboraí
- Startups are heating up the job market with over 275 job openings in-person and remote, for elementary, high school, vocational, and higher education
Amazon, the leading company in cloud computing worldwide, issued the following statement: “We are actively monitoring this issue and working to resolve it.” The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security warned on Friday about the vulnerability and urged companies to take action.
“To be clear, this vulnerability poses a serious risk. We will only mitigate potential impacts through collaborative efforts between the government and the private sector,” said CISA Director Jen Easterly.
-
Amazon wants to use the World Cup to sell more than on Black Friday in Brazil, with a 7-day Prime Day, 9,000 temporary positions, 300 logistics hubs, free shipping, and a distribution center capable of processing 10,000 packages per hour.
-
BYD will invest R$ 510 million in batteries for the Brazilian power grid, aims to reach 50% local content by 2027, and targets becoming the best-selling automaker in Brazil by 2030.
-
After nearly 200 years of history, Stanley’s iconic factory shuts down operations in the USA, eliminates 300 jobs, and reveals a change that is transforming the tool industry.
-
Country making its World Cup debut has only 61 m³ of water per person per year, suffers from scarcity, and is betting on a megaproject to draw water from the Red Sea to the capital.
Software Providers Are Working on Fixes
Software providers that include Log4j in their products, such as Red Hat, Oracle, and VMware of International Business Machines, have reported that they are working on fixes. Since the bug is easily accessible and the attacks are difficult to contain, the Log4j vulnerability could be exploited by hackers in the coming years to breach corporate systems, according to Aaron Portnoy, Chief Scientist at the security company Randori. “It’s one of the most significant vulnerabilities I’ve seen in a long time,” he stated.
The issue allows hackers to turn log files, an algorithm that tracks user actions in the system, into malicious activities that force computers to download unauthorized software, creating a backdoor in the victims’ systems.
Software Downloaded Millions of Times
The harm was reported to the Log4j development team, a group of volunteer programmers who distribute free software, last month, according to Ralph Goers (one of them). As Log4j is provided for free, it’s unclear how many servers have been affected by the issue, but the logging software has been downloaded millions of times, the programmer stated.
The hackers’ initial attempt to exploit the bug was aimed at accessing servers running Microsoft’s Minecraft software, according to researchers. However, it later became apparent that there was widespread scanning and attempts to exploit the Log4j bug.
Microsoft issued a notice advising Minecraft players to update the system to fix the bug.
Cisco is searching for the Log4j bug in more than 150 products. So far, vulnerabilities have been found in three products, while 23 have been declared not vulnerable by a company spokesperson.
Be the first to react!