Going with the latest Log4j News, US Federal Trade Commission (FTC) has warned all the companies that it will take stern action against firms that fail to protect critical information related to Log4j vulnerability.
Therefore, FTC is urging companies to take appropriate security measures that will help in blocking data exposure to hackers who could exploit Log4J Apache vulnerability anytime.
In support of the Gramm Leach Bliley Act, FTC is advising companies to follow the CISA formulated guidance to mitigate the risks associated with Log4J.
On December 21st, 2021, US Cybersecurity and Infrastructure Security Agency aka CISA released a playbook that helps businesses in patching information that could be exposed due to Apache Log4J flaw.
On the other hand, tech giant Microsoft has also issued a warning to companies operating across the globe to remain vigilant about state funded attacks that could compromise systems using the Log4j vulnerability.
The Windows OS giant also warned its Azure customers against few ransomware spreading gangs that could use the Log4Shell flaw to induce malware into the corporate network.
Some technology enthusiasts predict that it could take years for the Apache software foundation to fix the error logging software as it is used worldwide on millions of PCs.
Note- Ransomware spreading groups such as Conti were found exploiting the said Apache vulnerability to indulge in double extortion attacks. Usually, such gangs steal data and then encrypt a database until a ransom is paid in Cryptocurrency. Also, these gangs are capable of wiping out data from backup systems.