DHS warns of critical flaw in widely used software - CNN

(CNN)The Department of Homeland Security's top cyber official on Saturday urged government and private-sector organizations to address a critical flaw in widely used software that hackers were actively using to try to breach networks.
DHS's Cybersecurity and Infrastructure Security Agency ordered federal civilian agencies to update their software. And Jen Easterly, the head of the agency, warned that the vulnerability was being widely exploited by "a growing set" of hackers.
The vulnerability is in Java-based software known as "Log4j" that large organizations, including some of the world's biggest tech firms, use to configure their applications.
Apple's cloud computing service, security firm Cloudflare and one of the world's most popular video games, Minecraft, are among the organizations that run Log4j, according to security researchers.
The vulnerability can offer a hacker a relatively easy way to access an organization's computer server. From there, an attacker could devise other ways to access systems on an organization's network.
Security experts say that the fallout from the software flaw could continue for days and weeks as organizations race to address the issue.
The situation escalated before the weekend when a tool for exploiting the vulnerability was made public on GitHub, a software repository. That gave malicious hackers a potential roadmap for how to use the vulnerability to break into devices.
Easterly said her agency would hold a call with critical...



Read Full Story: https://www.cnn.com/2021/12/11/politics/dhs-log4j-software-flaw-warning/index.html

Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.