Log4Shell Threat Eases, Still High-Risk
February 15, 2022
The Log4Shell logging component, embedded in hundreds of products from VMWare, Oracle, IBM, Cisco and many in-house enterprise applications, has yet to be implicated in a major breach. The sole exception was an attack on the Belgian Defense Ministry. Microsoft still rates Log4j vulnerabilities as a “high-risk situation” for companies globally and sees high potential for their expanded use. According to a security expert quoted in ZdNet, the worst outcome was averted because the digital and security communities took the threat seriously in a way that hasn’t been seen since the Y2K bug, and that made a crucial difference. However, the Cybersecurity and Infrastructure Security Agency warns that hackers might be waiting to use access gained through Log4Shell until alert levels fall.
Read full article at:
Get our free daily newsletter
Subscribe for the latest news and business legal developments.
Read this next
President Biden’s Executive Order on the Safe, Secure, and Trustworthy Development and […]
The Cybersecurity and Infrastructure Security Agency and the FBI have issued a […]