Date: 2021-12-14

For the past few hours, there has been a lot of talk about Log4j and the very serious security flaw that is hitting services all over the internet. We are talking about a 0-day vulnerability, that is, a flaw that has been inherent in the software component since its inception but has only now been discovered by the parties involved. We are facing a rather serious flaw, not only because of its implications but also, and above all, because of the scale on which it can spread. The name Log4j may not mean anything to you, but it is a software component widespread in many services and platforms that we use daily.

First, what is Log4j? In case you were wondering: no, it's not the name of a virus, malware or other nasty stuff like that. Log4j is a Java tool that is part of the Apache Logging Services project of the Apache Software Foundation. Put simply, it is probably the most popular logging tool in the world when it comes to Java-based software. And according to industry experts, this flaw is one of the most dangerous in recent years, precisely because of how widely Log4j is used, even worse than the Heartbleed case a few years ago.

Log4j chaos: here’s how a security flaw is compromising the internet

It was the Alibaba Cloud Security Team that discovered this vulnerability, a flaw that affects any service that logs user-controlled strings. The exploit was named Log4Shell, and in practice it gives a potential attacker total access to the system. Here is what the Randori Attack Team states: “We believe that an increasing number of vulnerable products will be discovered in the coming weeks. Due to the ease of exploitation and breadth of applicability, we suspect that ransomware actors will start exploiting this vulnerability immediately.”

For the moment, Minecraft appears to be the one most affected, but other high-profile products such as Steam, iPhone, iCloud, Google, Facebook, Twitter and Tesla are affected as well. And the list could go on and on: any platform or service that uses frameworks like Apache Struts, Solr, Druid, and Flink could potentially be hit by such attacks.

Unfortunately, we users have no way of intervening; this is something that administrators will have to deal with. All that remains is to hope that they do so in an extremely timely manner. The problem becomes even more serious if you consider that Log4j is present in very old applications, based on obsolete versions of Java whose support ended years ago. Using these apps could pose a risk that cannot be resolved.

