CAPITAL REGION, N.Y. (NEWS10) – While the busy holiday shopping season nears its conclusion, cybersecurity experts are urging users to be aware of a security risk impacting a widely used program, and the simple steps everyone can take to make sure they’re protected.
Experts warn of the potential impacts of a critical online vulnerability, “It’s in literally millions of software that we use on a daily basis,” James Globe, the Vice President of Operations for the Center for Internet Security explained.
The weakness detected in Log4j, an activity logging program that’s utilized by many large companies.
“Now, it’s important to point out this is a vulnerability that can be exploited by cybercriminals, that doesn’t mean it has been exploited,” Globe said.
Companies that use the program, like Amazon, are urging users to make their apps are up to date, as the latest version of Log4j addresses the weakness.
“You have to update it. But I think there will be more information out there for the public from Amazon and everyone else to update it,” said Sanjay Goel, the chair of information security and digital forensics at the University at Albany.
Goel says it’s unlikely you’ll fall victim to the vulnerability, “I think in the next three or four days, we’ll probably control it because the fixes are very simple.”
Even still, CIS, which is based in East Greenbush, is encouraging everyone to act under the assumption that they are impacted, noting the impact these attacks can have.
“The weakness that can be exploited is a cybercriminal gaining access to the backend file server where you have a lot of proprietary and high-end data on that server,” said Globe.
Globe says you should also think about updating your passwords and keep an eye out for any suspicious financial transactions.