“Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a widely-used logging library ‘is one of the most serious I’ve seen in my entire career, if not the most serious.’
“‘We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,’ she said of the Apache Log4j flaw. The issue is an unauthenticated remote execution vulnerability that could allow an intruder to take over an affected device.
“Hundreds of millions of devices are likely to be affected, said Jay Gazlay of CISA’s vulnerability management office in the [same] call” –as reported by Tim Starks, cyberscoop.com, Dec. 13, 2021
Because of how widespread this vulnerability is, affecting everyone from Microsoft to Apple to Amazon to Google (in fact it affects millions of pieces of software, it is time to make sure your business is as protected as possible. You may not hear bullets, but that doesn’t mean we not are in a war … [5 min. read]