It has been reported that a major cybersecurity bug detected last year in a widely used piece of software is an “endemic vulnerability” that could persist for more than a decade as an avenue for hackers to infiltrate computer networks, a U.S. government review has concluded. “The Log4j event is not over,” the report said. “The board assesses that Log4j is an ‘endemic vulnerability’ and that vulnerable instances of Log4j will remain in systems for many years to come, perhaps a decade or longer. Significant risk remains.” The findings were the first of their kind to be issued by the Cyber Safety Review Board, a panel of experts from various government agencies and the private sector, and include recommendations for businesses to guard against the Log4j threat.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.