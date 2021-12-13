AGI – In the last 48 hours, a critical vulnerability called ‘Log4Shell’ has been recorded by several cybersecurity researchers, affecting the Apache Project’s open source log4j module, the heart of the majority of applications hosted by servers around the world. This was announced by the National Cybersecurity Agency.

This involves the presence of a vast and diversified attack surface on the entire Internet network – a note reads – “and considering its simplicity of exploitation, even by unsophisticated actors, makes the reported vulnerability particularly serious”.

The technicians of the National Cybersecurity Agency, in constant contact with the corresponding European and international agencies, recommend, given the danger of the vulnerability, “to minimize its exposure on the internet by applying the necessary measures to their servers as soon as possible. possible”.

CSIRT Italy is publishing security updates on the public portal https://csirt.gov.it, including the procedures to resolve the aforementioned vulnerability, to which the technical managers of public and private IT services are invited to refer.