Internet goes into ‘panic mode’ due to discovery of serious exploit
LOG4J is an open source Apache logging framework that is used in pretty much any Apache hosted website that logs activity against everything from system access to activity within a web application.
This means that this software and crucially the exploit within it, could be present in most of the internets’ webservers and embedded systems.
This is huge and is currently affecting some of the worlds biggest brands, from Apple to Tesla. Hackers have already published software that automates the discovery of vulnerable servers, so it’s a race to patch as many servers as possible, as quickly as possible.
IT teams rushing to deploy fixes over the weekend
So there is a fix available, but the issue is getting it out to all affected servers in time, given that these hackers are already automating the attacks as we speak late friday evening. In order to resolve the issue, make sure you advise your IT team to update the LOG4J service immediately as soon as possible.
Late Friday, several internet users were already proving the issue by hacking Minecraft Games. Some managed to execute the malicious code by changing their Twitter handle, one user even managed to execute code on their iPhone by changing their phone name.
We can help!
If you have any systems or webservers you are concerned about, give us a call and we can help you get passed this security issue
James Zalewski – CEO / Owner – Sysflex Ltd
Telephone: 07517 067495