Log4j, the serious security flaw that affects large technology companies

log4j, the serious security flaw that affects large technology companies
log4j, the serious security flaw that affects large technology companies
Share on Facebook Share on LinkedIn Share on Pinterest Share to Email Share on Telegram Share on WhatsApp

A serious cybersecurity flaw has set off all the alarms and has experts trying to solve it as soon as possible. This vulnerability, which has been described as of “catastrophic proportions” by the CEO of cybersecurity company LunaSec, has been called Log4j and was discovered last week.

Hundreds of millions of devices around the world could be accessing services affected by this vulnerability

The flaw has been detected in the software that many large organizations use to configure their applications, soe the repercussions can be very serious. That system, for example, is the one used in Apple’s cloud computing or by the servers of the Minecraft video game, one of the most popular in the world.

Log4j provides software developers with a platform on which they can build their applications and record their activity data. It is a free and open source tool, so anyone can access it and its use is widespread throughout the network. Companies like Appel, IBM, Google or Amazon use it. This implies that, worldwide, there may be hundreds of millions of devices accessing services affected by this security flaw.

Hackers and cybercriminals are taking advantage of this gap to launch constant attacks against companies and institutions. This week, and according to data from the cybersecurity company Check Point, they have registered more than 100 hacking attempts per minute linked to Log4j. Microsoft has alerted in a statement that, according to its analysts, there are hackers backed by the Chinese, Iranian, North Korean and Turkish states who are trying to exploit this security flaw.

In case any of these attacks are successful, hackers could gain access to the main servers of large companies and institutions. This would allow them to intervene all your information and your communication networks.

According to experts, there is little that users can do to protect themselves from this vulnerability. It’s up to companies and developers solve the fault to avoid new attacks. However, it is advisable to be aware of the updates of apps and devices proposed by the companies in the coming days and weeks. Running them as soon as possible can be a guarantee that the vulnerability does not affect computers.