Skip to main content

Featured Post

AMD to invest $400 million in India by 2028: Here’s what we know

US chipmaker Advanced Micro Devices said on Friday it will invest around $400 million in India over the next five years and will build its largest design center in the tech hub of Bengaluru. AMD’s announcement was made by its Chief Technology Officer Mark Papermaster at an annual semiconductor conference that started Friday in Prime Minister Narendra Modi’s home state of Gujarat. Other speakers at the flagship event include Foxconn Chairman Young Liu and Micron CEO Sanjay Mehrotra. Despite being a late entrant, the Modi government has been courting investments into India’s nascent chip sector to establish its credentials as a chipmaking hub. AMD said it will open its new design centre campus in Bengaluru by end of this year and create 3,000 new engineering roles within five years. “Our India teams will continue to play a pivotal role in delivering the high-performance and adaptive solutions that support AMD customers worldwide,” Papermaster said. The new 500,000-square-foot (55,5...
1 comment
Read more
Labels

Internet users at high risk! New vulnerability allows malicious actors to take control of devices

A major vulnerability has been discovered in Apache Java logging library, Log4j. It can be exploited to gain control of various servers which impacts some of the biggest companies as well as some third-party small companies. The major issue with this new vulnerability is that almost any malicious actor can take control of the servers with extreme ease. The exploiter can then take control of some of the systems that uses these servers.

The Indian cybersecurity agency Cert-In has also issued an alert against the new vulnerability with the severity rating of ‘high’. Log4j, is a popular Java-based logging package that has been built by Apache Software foundation. Almost all versions of the software have been impacted by the vulnerability ranging from 2.0-beta-9 to version 2.14.1. While Apache did release a fix in version 2.15.0 in its latest update, the real challenge will be to get all the servers that use its software to update the patch in time. Cybersecurity experts have called it one of the biggest threats to ever face the internet.

According to the Indian nodal cybersecurity agency, the vulnerability could allow a remote attacker to gain full control of the targeted servers. The remote attacker could exploit this vulnerability by injecting a specially crafted malicious payload.

If the malicious actor becomes successful in exploiting this vulnerability, they can execute arbitrary code and lead to gain full control of the targeted servers.

Popular game Minecraft is one of the platforms where the vulnerability has been in active use. Some users on the online gaming platform have managed to control systems of other users by just pasting short messages in the chat box. Microsoft owns Minecraft and it has already released a patch for the vulnerability. Any user on the latest version, will be safe from the vulnerability. Some other big platforms that may have already been impacted includes Apple, Amazon and Twitter.

Marcus Hutchins, a cybersecurity specialist stated,  “This log4j (CVE-2021-44228) vulnerability is extremely bad. Millions of applications use Log4j for logging, and all the attacker needs to do is get the app to log a special string. So far iCloud, Steam, and Minecraft have all been confirmed vulnerable.”

The flaw was first discovered late in November by the cybersecurity team of Chinese tech giant Alibaba. The fix to the vulnerability was developed in two weeks and then released by  Apache Software Foundation.

The post Internet users at high risk! New vulnerability allows malicious actors to take control of devices appeared first on BGR India.



from BGR India https://ift.tt/3DEHunG
via IFTTT
Email Post
Labels:

Comments

Post a Comment

add