Germany’s Federal Cybersecurity watchdog issues Red Alert over Log4j

BSI, Germany’s federal cybersecurity watchdog, has issued a red alert warning, its highest, on a flawed piece of widely-used software.

The cybersecurity company has said that it posed an “extremely critical threat” to web servers, Reuters reported. A vulnerability in a Java-based library known as Log4j can be exploited to allow a complete takeover of the affected system, the BSI said.

“The reason for this assessment is the very wide distribution of the affected product and the associated impact on countless other products. The vulnerability is also easily exploitable, and a proof-of-concept is publicly available,” the BSI said.

“The BSI is aware of world- and Germany-wide mass scans as well as attempted compromises. Initial successful compromises are also being publicly reported,” it added.

The BSI said that although there was a security update for Log4j all products using it also needed to be adapted, recommending that companies and organisations implemented the measures outlined in the cyber security warning.

A few days back the US government also issued a warning with regard to Log4j. Top US government cybersecurity officials have cautioned that Log4j vulnerability will affect millions of devices.

Publish on W.Media
Author Info - W.Media
Share This Article
Other Popular Posts