Microsoft

Microsoft: Hackers in China, Iran and elsewhere begin exploiting widespread Apache Log4j flaws

You are interested in Microsoft: Hackers in China, Iran and elsewhere begin exploiting widespread Apache Log4j flaws right? So let's go together Doshared.com look forward to seeing this article right here!

Bigstock / World Image

Microsoft says groups connected to governments in China, Iran, North Korea and Turkey have begun exploiting vulnerabilities in the Apache Software Foundation’s widely used open-source Log4j software library.

Hackers can use the software flaws to gain control of compromised computers and systems. Microsoft has detected initial activity by government-affiliated groups ranging from experimentation to active exploitation of the vulnerabilities, the company said Tuesday in an updated post about the issue.

Others are using flaws to gain initial access for ransomware attacks.

“These access brokers then sell access to these networks to ransomware-as-a-service affiliates,” Microsoft said. “We have observed these groups attempting exploitation on both Linux and Windows systems, which may lead to an increase in human-operated ransomware impact on both of these operating system platforms.”

Microsoft’s security teams “have been analyzing our products and services to understand where Apache Log4j may be used and are taking expedited steps to mitigate any instances,” the company said in a separate post.

Apache has released two security updates to address the flaws discovered in Log4j. The software library is widely used to track security and performance information in programs developed in the cross-platform Java programming language, commonly used in consumer and enterprise apps, services, and websites.

Those security updates are designed for software vendors to apply. End users should then be on the lookout for software updates from those vendors once they’ve made the updates.

The U.S. Cybersecurity & Infrastructure Agency says software vendors who use Log4j in their products should apply the patches as soon as possible and inform their users to prioritize software updates, given “the severity of the vulnerabilities and the likelihood of an increase in exploitation by sophisticated cyber threat actors.”

See also  Microsoft’s ‘deepened partnership’ with Unity Applied sciences goals to increase recreation design toolset

Conclusion: So above is the Microsoft: Hackers in China, Iran and elsewhere begin exploiting widespread Apache Log4j flaws article. Hopefully with this article you can help you in life, always follow and read our good articles on the website: Doshared.com

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button