Register now for better personalized quote!

We are still failing to learn the most important lesson in cybersecurity. That needs to change, fast

Dec, 04, 2022 Hi-network.com
Image: Getty/gilaxia

One year ago, a newly discovered zero-day vulnerability rocked the world of cybersecurity, but 12 months on, there are clear signs that vital lessons haven't been learned. 

The catchily-titled CVE-2021-44228 was and still is an easy to exploit vulnerability in the widely used Java logging library Apache Log4j, which enables attackers to remotely gain access to and take control of machines and servers. 

Upon discovery, it was a massive concern, because the ubiquitous nature of Log4j meant it was (and is) embedded in a vast array of applications, services and enterprise software tools that are written in Java and used by organizations and individuals around the world.  

Security

  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

Such was the danger posed by Log4j that the National Institute of Standards and Technology (NIST) gave the vulnerability a Common Vulnerability Scoring System (CVSS) score of 10 -classing it as a highly severe, critical vulnerability -and within hours of disclosure, it was being exploited by cyber criminals. 

Also: Cybersecurity: These are the new things to worry about in 2023

No wonder CISA chief Jen Easterly described the Log4j vulnerability as "one of the most serious that I've seen in my entire career, if not the most serious"

tag-icon Hot Tags : Tech Security

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.