Cybersecurity, Privacy, & AI

Trending Now
Daybreak Is OpenAI’s Answer to the AI Arms Race in Cybersecurity • Cyber Operations Aren’t Slow — Our Thinking Is • ‘No Time to Waste’ in Prepping Governments for AI Cyber Threats, Top Dem Lawmaker Says • ‘Insatiable Appetite’ for AI: Maven Usage Surged for Strikes on Iran, Pentagon AI Chief Says • Navigating Automation, Robotics, AI, and Data in a QMSR-Driven Manufacturing World
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on January 12, 2022 Cyber

Log4j Vulnerability Not Leading to Much Visible Damage… Yet

Log4j Vulnerability Not Leading to Much Visible Damage… Yet

ozrimoz | Shutterstock

Cybersecurity companies are experiencing millions of attempts to exploit the recently discovered Log4j vulnerability, but CISA says the agency hasn’t received many reports of attacks using the flaw. CISA director Jen Easterly concedes that the agency isn’t sure yet whether that’s because of effective early mitigation, or because malicious actors are being patient with the new access they’ve acquired to unpatched systems. Easterly noted that the infamous Equifax breach discovered in September 2017 took advantage of a bug found six months earlier, also in a widely used open-source software package. CISA has identified more than 2,800 commercial products that use the Log4j tool, and Easterly describes the vulnerability as both the most severe she’s seen and “pretty trivial” to exploit.

Source:

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–SaturdaySubscribe here.

© PubKGroup 2024