The critical vulnerability discoed in Java logging package Log4j has already shaken the cyber world. The vulnerability affects almost every internet service application. The impact of this vulnerability is so widespread that services like Apple iCloud, Amazon, Twitter, Cloudflare, and Minecraft are also at risk. That’s the reason it is also the biggest security risk the world is facing in 2021.
Apache Log4j is a Java library for logging error messages in applications. It is the most popular Java logging package and has more than 400,000 downloads on its GitHub repository. The vulnerability found in it is so critical that it has a severity score of 10 out of 10.
The Log4j vulnerability can allow hackers to get complete access to the system. Then cybercriminals can take complete control of the server and manipulate the system properly.
Cybercriminals have also started to exploit the vulnerability. As per a report, cybercriminals are trying over 100 times per minute to exploit the Log4j vulnerability. So, millions of firms are in danger of cyber theft.
Now a report by Checkpoint Research (CPR) found a spike in attacks targeted at this vulnerability. It claims that more than 40 percent of corporate networks in India have already had an attempted exploit. Globally, more than 2 lakh targeted attempts were made within 24 hours.
CPR also found that ver 60 new variations of the original exploit were recorded within 24 hours of the vulnerability being outed
Apache has already released an update for Log4j ghat patches the vulnerability. But it isn’t an easy task for organizations to update each Log4j application in a short span of time. So, organizations will be at risk until they apply the patch.
