What's new
Off Topix: Embrace the Unexpected in Every Discussion

Off Topix is a well established general discussion forum that originally opened to the public way back in 2009! We provide a laid back atmosphere and our members are down to earth. We have a ton of content and fresh stuff is constantly being added. We cover all sorts of topics, so there's bound to be something inside to pique your interest. We welcome anyone and everyone to register & become a member of our awesome community.

log4j vulnerability

Demon_skeith

Demon_skeith

Dedicated Member
Member
Joined
Sep 26, 2021
Posts
250
Reaction score
56
Points
185
A vulnerability in a widely used logging library has become a full-blown security meltdown, affecting digital systems across the internet. Hackers are already attempting to exploit it, but even as fixes emerge, researchers warn that the flaw could have serious repercussions worldwide.

The problem lies in Log4j, a ubiquitous, open source Apache logging framework that developers use to keep a record of activity within an application. Security responders are scrambling to patch the bug, which can be easily exploited to take control of vulnerable systems remotely. At the same time, hackers are actively scanning the internet for affected systems. Some have already developed tools that automatically attempt to exploit the bug, as well as worms that can spread independently from one vulnerable system to another under the right conditions.

Log4j is a Java library, and while the programming language is less popular with consumers these days, it's still in very broad use in enterprise systems and web apps. Researchers told WIRED on Friday that they expect many mainstream services will be affected.

Anyone here at risk for this?
 
Demon_skeith said:
A vulnerability in a widely used logging library has become a full-blown security meltdown, affecting digital systems across the internet. Hackers are already attempting to exploit it, but even as fixes emerge, researchers warn that the flaw could have serious repercussions worldwide.

The problem lies in Log4j, a ubiquitous, open source Apache logging framework that developers use to keep a record of activity within an application. Security responders are scrambling to patch the bug, which can be easily exploited to take control of vulnerable systems remotely. At the same time, hackers are actively scanning the internet for affected systems. Some have already developed tools that automatically attempt to exploit the bug, as well as worms that can spread independently from one vulnerable system to another under the right conditions.

Log4j is a Java library, and while the programming language is less popular with consumers these days, it's still in very broad use in enterprise systems and web apps. Researchers told WIRED on Friday that they expect many mainstream services will be affected.

Anyone here at risk for this?
Click to expand...
I saw that, another one has more recently been exploited too now.
 

Create an account or login to post a reply

You must be a member in order to post a reply

Create an account

Create an account here on Off Topix. It's quick & easy!

Register

Log in

Already have an account? Log in here.

Similar threads

Admitting Vulnerability
Replies
0
Views
468
cowcatcher
Jazzy
Skype targets vulnerability that compromised accounts
Replies
1
Views
282
Evil Eye
Evil Eye
Jazzy
Mozilla Firefox browser upgrade taken offline due to vulnerability
Replies
2
Views
353
nishasharma2012
nishasharma2012
Back
Top Bottom