もっと詳しく

An anonymous reader quotes a report from ZDNet: The Belgian Ministry of Defense has confirmed a cyberattack on its networks that involved the Log4j vulnerability. In a statement, the Defense Ministry said it discovered an attack on its computer network with internet access on Thursday. They did not say if it was a ransomware attack but explained that “quarantine measures” were quickly put in place to “contain the infected elements.” “Priority was given to the operability of the network. Monitoring will continue. Throughout the weekend, our teams were mobilized to contain the problem, continue our operations and alert our partners,” the Defense Ministry said. “This attack follows the exploitation of the Log4j vulnerability, which was made public last week and for which IT specialists around the world are jumping into the breach. The Ministry of Defense will not provide any further information at this stage.”

Multiple reports from companies like Google and Microsoft have indicated that government hacking groups around the world are leveraging the Log4j vulnerability in attacks. […] Centre for Cybersecurity Belgium spokesperson Katrien Eggers told ZDNet that they too sent out a warning to Belgian companies about the Apache Log4j software issue, writing that any organization that had not already taken action should “expect major problems in the coming days and weeks.” “Because this software is so widely distributed, it is difficult to estimate how the discovered vulnerability will be exploited and on what scale,” the Centre for Cybersecurity Belgium said, adding that any affected organizations should contact them. “It goes without saying that this is a dangerous situation.”

Read more of this story at Slashdot.