View Full Version : Internet armageddon: log4j nightmare


Skybird
12-15-21, 05:22 PM
https://edition.cnn.com/2021/12/15/tech/log4j-vulnerability/index.html


"What I'm most concerned about is the school districts, the hospitals, the places where there's a single IT person who does security who doesn't have time or the security budget or tooling," said Katie Nickels, Director of Intelligence at cybersecurity firm Red Canary. "Those are the organizations I'm most worried about -- small organizations with small security budgets."



I am surprised that nobody has launched a thread on it. The vulnerability is of the utmost severity and seems to surpass everything there has been before. The original exploit maybe can be patched away by companies - but in the meantime the much more serious threat lies in that attackers can abuse this exploit to mine a target system, server, network, botnet and install "sleepers" - backdoors and vulnerabilities that persist long after the original exploit already has been shut down and patched. The real damage from this may not materialize until more or less time into the future, when these installed backdoors and vulnerabilities start to get used - and nobody makes a link to the current issue and all wonder where these new vulnerabilities then suddenly have come from.

The thread title is not by me. IT experts use the most dramatic phrases to describe how extremely serious this vulnerability now is. It's a potential nightmare. The German office for computer security is on "Defcon-1", so are its counterparts in many other countries.

Annoying also is that we, the users, can do nothing here; it's company stuff that needs to be done here. We users can only do one thing: having been clever enough in the past to not make ourselves too dependent on online data and not having exposed our sensitive - namely: financial data, private sphere and other precious, sensitive, important things online or stored on computer.

The hacker activity regarding this issue is described in specialised blogs and websites as "very active" currently. The haymaking of abusing hackers while the day lasts already has started. And mind you, when the "log4j" issue has been patched away, the many, many mines that have been placed by abusing it while it was there, still will be there.