There are not yet many public reports of crippling hacks stemming from the Log4j vulnerability. Still, security professionals spent much of the weekend frantically trying to find and fix every potential place it can be exploited, said Wesley McGrew, a cybersecurity fellow at MartinFederal, a federal contracting company.
“It’s a combination of a new vulnerability being simultaneously widespread and easy to exploit,” McGraw said. But on Tuesday night, John Hultquist, vice president of intelligence analysis at the cybersecurity company Mandiant, said that state-sponsored hackers in China and Iran have begun taking advantage of the flaw. Microsoft"The Iranian actors who we have associated with this vulnerability are particularly aggressive," Hultquist said in a statement.
A spokesperson for China's embassy in Washington didn't immediately respond to an emailed request for comment. Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commentingThe computing world is struggling this week to contain a significant vulnerability in Log4J, an extremely common piece of open-source code.Why it matters: Experts say the flaw leaves hundreds of millions of systems vulnerable to attack, with the head of the U.S.
Past tense of lead is led.