(Reuters) – A newly discovered vulnerability in a widely used software library is causing chaos on the Internet, forcing cyber defenders to crawl while hackers rush to exploit the vulnerability.
The vulnerability, known as a Log4j, comes from a Log4j. popular open source product that helps software developers track changes in apps they build. It is so popular and embedded in many corporate programs that security chiefs expect widespread abuse. network security company, and founder of the US computer emergency team.
The US government sent a warning to the private sector about Log4j vulnerability and the imminent risk it poses on Friday.
Much of the software affected by Log4j, which bears the name like Hadoop or Solr, may be unfamiliar to the public. But just as with the SolarWinds program at the center of a massive Russian espionage operation last year, these workhorse programs make everyone's all possible assets the ideal starting point for digital intruders.
Juan Andres Guerrero-Saade, the foremost cyber security researcher at Andres. SentinelOne, called it "one of those nightmare vulnerabilities for which there is virtually no way to prepare." need time to locate the vulnerable software and implement patches correctly.
In practice, this error allows an outsider to enter active code in the record keeping process. That code then tells the server hosting the software to run a command that gives the hacker control.
The question was first published by a security researcher working for the Chinese technology company Alibaba Group Holding Ltd., Apache noted in its security advice. [1
What many experts now fear is that the bug could be used to distribute malware software that either destroys data or encrypts it, such as that used against the US pipeline operator Colonial Pipeline Co. in May, which led to gas shortages in some parts of the United States.
Mr. Guerrero-Saade said his company had already seen Chinese hacker groups move to take advantage of the vulnerability.
U.S. Cyber-security companies Mandiant and Crowdstrike also said they found sophisticated hacking groups that exploited the bug to break targets. Mandiant described these hackers as "Chinese government actors" in an email to Reuters.