Dangerous Bug " Log4Shell" Threaten Millions of Servers and Applications Worldwide - VNExplorer

Dangerous Bug " Log4Shell" Threaten Millions of Servers and Applications Worldwide - VNExplorer

                                                            Photo by Kevin Ku on Unsplash

Nuansatech.com – A malicious security flaw called "Log4Shell", codenamed CVE-2021-44228, was later identified by cybersecurity experts. This bug has the potential to make many parties restless.

Because, this bug can be exploited easily by irresponsible parties, one of which is like hackers (hackers) to break into a server or application using only a number of codes.

If it has been broken into, then hackers can automatically do anything, including stealing various user data and embedding various malicious programs (malware) that can present other adverse effects. So, what exactly is Log4Shell?

Read also: There are Bugs, Games on Android 12 Suddenly Crash

Similar to the name, this security flaw is found in the software registrar of application activity history or platform (logging utility) based on open source, aka free belonging to apache software foundation dubbed "Log4J".

The presence of Log4J software itself is useful to find out and trace an error (error) on a server or application.

The damage can be seen based on the operational history or running of the application or server. When there is a malfunction, for example, then Log4J will record the incident, so that it can be used as a reference for future improvements.

According to a number of security researchers, Log4J software itself is widely used by various servers or applications connected to the internet, one of which is Minecraft, the game that first announced there was a Log4Shell security flaw.

Read also: Joker Malware Returns, Immediately Remove These 15 Android Apps

In the game, hackers can send a number of malicious code easily only through the chat feature to attack the target's computer.

Because the essence of Log4J will record all conversations or activities on a server or application, the code sent by the hacker will also be recorded, so that hackers can break into the server and break into it.

Similar methods can also be done by hackers in various applications or other servers that rely on Log4J.

© Provided by Nuansatech comilustrasi hacker

In addition to Minecraft, security researcher from malwaretech.com, Marcus Hutchins claims that many servers and applications rely on Log4J, including iCloud servers and the popular game distribution platorm Steam.

Watch out, Joker Malware Data Thieves Found in Squid Game App

"Overall, there are millions of apps that use Log4J for logging purposes, and all hackers need is some unique code to exploit the Log4Shell security flaw," Marcus said in a Twitter post with the handle @MalwareTechBlog.

Because many are affected and the effects are quite dangerous, some security researchers consider Log4Shell to be the worst security gap in recent years.

"Log4Shell has been a very dangerous security flaw for the past decade," said a researcher from cybersecurity firm Tenable.

Because of the danger, Log4 provider, the Apache Software Foundation provides a value of 10, aka the highest value of the scale of 0-10 for the security impact that Log4Shell can cause.

READ MORE: Money Google gave to bug inventor breaks record

As summarized by Nuansatech from TheVerge, Monday (12/13/2021), the Apache Software Foundation itself has presented an update to the logging software, two weeks after the first case was reported on November 24.

However, because Log4J is used and may be modified by many servers and applications, this Log4Shell bug patch must be applied independently by the party using Log4J.

Some apps that use Log4J, including Minecraft, have already rolled out updates. However, it is said that there are still many application providers connected to the internet that have not implemented improvements.

It is not yet known what direct impact the Log4Shell bug has on users, as well as internet companies that focus on the users themselves.

The effects and damage caused by the bug have not yet been announced by security researchers and other relevant parties. We'll just look forward to it.Asia's Tech News DailyAutosUniverseTechnologySecurityBig TechDataDeep TechEnergyFintechInternetIndiaChina

Internet Explorer Channel NetworkNews RelatedFabio Quartararo and two other top riders on Honda's radarPIP Director: Ultramicro Business Urgently Needs AssistanceGovernment and House Asked to Sit Together to Discuss Asset Forfeiture BillMenkes: Booster Vaccine for The Elderly FreeTo Increase Commercial Value, PERBASI Introduces New Logo21 Regions in Jatim Allowed to Hold Vaccination of Children 6-11 YearsUK removes 11 countries from red list of high-risk Omicron variantChildren Aged 6-11 Years Undergo Strict Screening Before Covid-19 VaccineIsraeli soldiers raid university in West BankTips to Become a Master Speed Chess from Grandmaster Susanto MegarantoBracket Box Shad For Yamaha NMAX There Is KWnya, This Is The Difference With OriginalCan Change Special, Yamaha Jupiter MX 135 Looks More StylishYuk's acquaintance with Piaggio Ape Electrik, a Three-Wheeled Electric Motor that Costs Rp 131 MillionFake Engine Oil Can Make Oil Pumps Problematic, Here's the Explanation

Local Content Is Already 80 Percent, Dealers Say The Price of Mitsubishi New Xpander and Xpander Cross Does Not Rise Next Year © Provided by GridOto Mitsubishi New Xpander Exceed at GIIAS 2021. Rayhan ... Read more »

Do Not Buy, Here's the Effect If the Motorcycle Brake Slang Is Too Long © Provided by gridoto Kaliper front Yamaha R15 mounted on the rear brake Yamaha NMAX YMS Do Not Buy, Here' Read more »

© Kautsar Widya Prabowo this is expected to reduce the number of corruption in the region. Jakarta: The Regional Representative Council (DPD) together with the Corruption Eradication Commission (KPK) will strengthen efforts to prevent and crack down on corruption. Read more »

© www.pixabay.com Covid-19 Vaccine (illustration) PT Bio Farma recorded a total booster vaccination requirement of 231.4 million doses. REPUBLIKA.CO.ID, JAKARTA - President Director of PT Bio Farma, Honesty Basyir, said the total need for vaccination... Read more »

© JPNN.COM Joseph Suryadi Suspected Insulting The Prophet Claimed to Lose Hp, Chandra Reacted jpnn.com, JAKARTA - Chairman of LBH Pelita Umat Chandra Purna Irawan responded to the police explanation that said Joseph Suryadi confessed to the ... Read more »

© Copyright (c) 2016 TEMPO.CO TEMPO.CO photo, Jakarta - The National Disaster Management Agency (BNPB) said 346 houses were damaged and 770 residents were displaced by a magnitude 7.4 earthquake that occurred in The National Disaster Management Agency (BNPB). Read more »

© Provided by Coil Two officers are talking outside Nightingale North West NHS Hospital in Manchester, England, April 8, 2015. Photo: REUTERS/Phil Noble COVID-19 transmission in the UK is still not... Read more »

© the Chinese-American flag REPUBLIKA.CO.ID, BEIJING, May 15 (Xinhua) -- China will respond to the actions of the United States ( US ), which imposes sanctions on Beijing individuals or entities. The United States imposes sanctions on individuals and... Read more »

REPUBLIKA.CO.ID , MOSCOW – Russian President Vladimir Putin has asked for Western assurances that the North Atlantic Treaty Organization (NATO) will not expand further into Ukraine. According to him, such a move poses an immediate threat... Read more »

RIC Lighting, Workshop Retrofit LED Projektor To Detailing Motor © Provided by GridOto RIC Lighting, specialist workshop custom retrofit led motor projector farhan RIC Lighting, Workshop Retrofit LED Projektor ... Read more »

© Provided by Nuansatech.com the logo of the Corruption Eradication Commission (KPK) at the KPK Building. JAKARTA, Nuansatech.com – The Corruption Eradication Commission (KPK) attended the International Conference of the States Parties to the United ... Read more »

Post a Comment

Previous Post Next Post