• Home
  • Politics
  • News
  • Business
  • Health
  • Entertainment
  • Sports
  • Lifestyle
  • Education
  • Opinion
Saturday, 1 April, 2023
  • Login
topfmonline.com
 
  • Home
  • News
  • Politics
  • Business
  • Entertainment
  • Health
  • Lifestyle
  • Sports
  • Education
  • Technology
  • Foreign
No Result
View All Result
topfmonline.com
No Result
View All Result
Home Technology

DHS warns of critical flaw in widely used software

TOPFM NEWS by TOPFM NEWS
December 14, 2021
in Technology
A A
0
DHS warns of critical flaw in widely used software
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

The Department of Homeland Security’s top cyber official on Saturday urged government and private-sector organizations to address a critical flaw in widely used software that hackers were actively using to try to breach networks.

DHS’s Cybersecurity and Infrastructure Security Agency ordered federal civilian agencies to update their software. And Jen Easterly, the head of the agency, warned that the vulnerability was being widely exploited by “a growing set” of hackers.

The vulnerability is in Java-based software known as “Log4j” that large organizations, including some of the world’s biggest tech firms, use to configure their applications.

Apple’s cloud computing service, security firm Cloudflare and one of the world’s most popular video games, Minecraft, are among the organizations that run Log4j, according to security researchers. 

The vulnerability can offer a hacker a relatively easy way to access an organization’s computer server. From there, an attacker could devise other ways to access systems on an organization’s network.

Security experts say that the fallout from the software flaw could continue for days and weeks as organizations race to address the issue.

The situation escalated before the weekend when a tool for exploiting the vulnerability was made public on GitHub, a software repository. That gave malicious hackers a potential roadmap for how to use the vulnerability to break into devices.

Easterly said her agency would hold a call with critical infrastructure firms across the country on Monday to brief them on the situation.

The onus will be on organizations running the software, rather than individual consumers, to apply the fixes. The Apache Software Foundation, which manages the Log4j software, has released a security fix for organizations to apply.

Cybersecurity researchers interviewed by CNN said it was unclear just how many devices on the internet are exposed to the vulnerability. But IT administrators around the world are on notice and preparing for a long weekend of responding to hacks. 

Kevin Beaumont, a researcher who keeps a close eye on emerging software flaws, compared the conundrum that organizations are in with the software flaw to “lock[ing] the doors to your car, but then allow[ing] anybody to shout commands at Siri from outside the car to remotely drive it.”

“Log4j is buried deep inside products and [organizations], gonna be painful to fix,” Beaumont tweeted Friday.

GreyNoise Intelligence, a firm that maps internet traffic, said that the number of devices that were trying to exploit the vulnerability had more than doubled from Friday to Saturday.

GreyNoise founder Andrew Morris said his firm had been consulting with large tech companies and government organizations about mitigating the impact of the malicious cyber activity.

“A lot of really important people are concerned” about the vulnerability, Morris told CNN.

Related Posts

TikTok launches an elections hub in Kenya ahead of General Elections

TikTok launches an elections hub in Kenya ahead of General Elections

July 15, 2022
10
Facebook to allow up to five profiles tied to one account

Facebook to allow up to five profiles tied to one account

July 15, 2022
4
Source: Sean Lyngaas
Via: CNN
Tags: CybersecurityDHSHackersHomelandsecurity
Previous Post

U.S. crosses 50 million COVID-19 cases as Delta dominates amid Omicron emergence

Next Post

Apple brings SharePlay to macOS Monterey

Related Posts

TikTok launches an elections hub in Kenya ahead of General Elections
Technology

TikTok launches an elections hub in Kenya ahead of General Elections

July 15, 2022
10
Facebook to allow up to five profiles tied to one account
Technology

Facebook to allow up to five profiles tied to one account

July 15, 2022
4
Microsoft releases tweet-size exploit for macOS sandbox escape bug
Technology

Microsoft releases tweet-size exploit for macOS sandbox escape bug

July 14, 2022
9
Final Android 13 beta arrives ahead of its official launch ‘in the weeks ahead’
Technology

Final Android 13 beta arrives ahead of its official launch ‘in the weeks ahead’

July 14, 2022
2
Ex-CIA engineer Joshua Schulte convicted over massive data leak
Technology

Ex-CIA engineer Joshua Schulte convicted over massive data leak

July 14, 2022
2
Samsung Galaxy Z Fold 4 with model name SM-F936U certified by FCC
Technology

Samsung Galaxy Z Fold 4 with model name SM-F936U certified by FCC

July 13, 2022
2
Next Post
Apple brings SharePlay to macOS Monterey

Apple brings SharePlay to macOS Monterey

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

BROWSE BY CATEGORIES

  • Business
  • Education
  • Entertainment
  • Foreign
  • Health
  • Lifestyle
  • News
  • Opinion
  • Politics
  • Sports
  • Technology
  • Uncategorized

BROWSE BY TOPICS

2022 Budget Afghanistan akufo addo Amazon Apiate explosion apple AT&T Black Stars covid COVID-19 COVID 19 E-Levy facebook Fuel Ghana Police Service Google Government health Intel iphone Mahama Majority Microsoft Minority momo NDC news NLC NPP Nvidia OMICRON Parliament police Russia security South Africa Taliban tech Tesla twitter US UTAG vaccine vaccines Xinjiang

Recent Posts

  • New revenue bills approval: Your walkout won’t affect us – Majority tells minority
  • Bawumia Must Win (BMW) Agenda Campaign Launched
  • Prove Seth Terkper’s authorisation for Letters of Credits – Judge tells Ato Forson
  • We’ll vote against govt’s new tax bills – Mahama Ayariga
  • ECG releases nationwide ‘Dumsor’ timetable

Recent Comments

No comments to show.

RECENT NEWS

  • New revenue bills approval: Your walkout won’t affect us – Majority tells minority March 31, 2023
  • Bawumia Must Win (BMW) Agenda Campaign Launched March 31, 2023
  • Prove Seth Terkper’s authorisation for Letters of Credits – Judge tells Ato Forson March 31, 2023
  • We’ll vote against govt’s new tax bills – Mahama Ayariga March 31, 2023

MAIN CATEGORIES

  • Business
  • Education
  • Entertainment
  • Foreign
  • Health
  • Lifestyle
  • News
  • Opinion
  • Politics
  • Sports
  • Technology
  • Uncategorized

Entertainment

US Veep Kamala Harris hails impact of medical drone delivery in Ghana
Health

US Veep Kamala Harris hails impact of medical drone delivery in Ghana

4 days ago
1
  • ABOUT US
  • CONTACT
  • ADVERTISE

© 2023 Top Media Group - Powered by BackUp Data Systems

No Result
View All Result
  • Home
  • Politics
  • News
  • Business
  • Health
  • Entertainment
  • Sports
  • Lifestyle
  • Education
  • Opinion

© 2023 Top Media Group - Powered by BackUp Data Systems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In