Many social media, storage and gaming services have been disclosed as compromised by a simultaneous zero-day vulnerability. The IT experts of the companies rolled up their sleeves to close the gap called ‘Log4Shell’.
Cyber security experts stated in their warning that iCloud (Apple), Minecraft, Twitter, Amazon and Cloudflare are among the companies and services that are at risk due to the vulnerability.
Hackers’ new hunt
Stating that servers using ‘Apache Struts’ as a standard are vulnerable to the zero-day vulnerability, IT experts warned companies against possible disasters. Because by exploiting the vulnerability, millions of devices can be damaged through remote code execution. It is also known that hackers are currently looking for servers with this vulnerability called ‘Log4Shell’. So companies need to act quickly to fix their deficits.
Repairs to many open source projects have already begun. Minecraft server Paper is one of them. The services and companies that LunaSec, the application security company that made the statement, said are in danger and should close the gap, are as follows: iCloud (Apple), Minecraft, Twitter, Amazon, Cloudflare, Steam, Baidu, NetEase, Tencent and Elastic.
What does the ‘zero day’ we hear a lot in cyber attacks mean?
Zero-day vulnerability is the name given to newly discovered security vulnerabilities that can be easily used by hackers. A vulnerability is a zero-day vulnerability from the time it is first discovered until work begins to be remedied. Attacks using this vulnerability, of which the party is unaware, are called zero-day attacks.
52742
