53.2 F
Washington D.C.
Wednesday, December 7, 2022
spot_img

No Significant Intrusions Related to Log4j Flaw Yet, CISA Says

However, they warned about the possibility of attackers exploiting the flaw later because of its prevalence.

In the one month since news broke of a critical remote code execution vulnerability in the Log4j logging framework, there have been no major intrusions tied to the flaw in the US, officials from the Cybersecurity and Infrastructure Security Agency (CISA) said Monday.

However, they warned about the possibility of attackers exploiting the flaw later because of its prevalence — hundreds of millions of devices and components have the vulnerability — and the ease with which it can be exploited.

“We do expect Log4j to be used in intrusions well into the future,” said CISA director Jen Easterly in a virtual press conference. “We are concerned that threat actors are going to take advantage of this vulnerability,” especially against critical infrastructure targets.

Read more at Dark Reading

Homeland Security Todayhttp://www.hstoday.us
The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Related Articles

- Advertisement -

Latest Articles