Apple, Amazon, Twitter and even Cloudflare servers are victims of a serious security breach. Present in an open source utility, it allows hackers to easily enter a network. Businesses around the world are urgently implementing fixes to block the entry of hackers.
A few days ago, a serious security flaw was spotted in several versions of Minecraft. Identified in Log4j, a logging utility Java-based present in many web application frameworks, the zero day breach allows an attacker to easily execute code remotely on servers. An attacker can then steal data or spread malware.
According to computer security experts, this security flaw endangers the servers of many services and applications. Indeed, Log4j is operated by millions of businesses around the world. Asked by APNews, Adam Meyers, vice president of intelligence at Crowdstrike, believes that all firms are concerned.
“Internet is on fire”: hackers seek to exploit the Log4Shell flaw
“I would be hard pressed to think of a business that is not at risk”, explains Adam Meyers, believing that the servers of firms like Apple, Amazon, Twitter or even Cloudflare, the American web host, are in danger. However, there is nothing to indicate that these firms have already found themselves in the crosshairs of hackers.
For his part, Amit Yoran, CEO of the cybersecurity company Tenable, assures us that it is about “The greatest vulnerability, the most critical of the last decade”, even the history of computing. Aware of the risks, most companies using Log4j are currently deploying fixes to close the loophole, called Log4Shell. The Apache Software Foundation, which is responsible for the development of the open source solution, promptly proposed a patch a few hours after the disclosure of the breach.
On the same topic: The United States unveils the list of the most dangerous security breaches
At the same time, hackers rush to exploit the vulnerability. “The internet is on fire right now. People are scrambling to fix everything and all kinds of people are scrambling to exploit it ”, warns Adam Meyers. Among the services that would be affected are iCloud, Apple’s online storage service, and Steam, the video game platform. Through a spokesperson, Valve ensured that engineers quickly scanned Steam’s entire system. Due to network security rules, the platform would be out of danger.