Federal Trade Commission to Monitor Measures to Address Log4j

While a lot of countries are taking increasingly more draconian measures to deal with people who had not taken enough Covid-19 jabs, the US Federal Trade Commission announced that it will too be going after companies that fail to take sufficient measures to address the ubiquitous Log4j vulnerability.

At this point in time, everyone who has dealings with computers in any capacity has heard of the infamous Log4j security flaw that was disclosed in late 2021 and that shook the world so hard, the aftershocks will reverberate well into 2022, at best.

FTC Stepping Up

After Microsoft recently warned of the increasing number of scans and probes being detected that seek Log4j-vulnerable systems, now the FTC has stepped in as well. In the relatively brief and to the point announcement, the Commission states that it "intends to use its full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of Log4j, or similar known vulnerabilities in the future."

The release further links to the official Cybersecurity and Infrastructure Security Agency guidance to assist companies in figuring out whether they use software that contains the vulnerability.

In what seems like an effort to show everyone they mean business, the Commission's announcement also mentions that Equifax agreed to a $700 million payment in the past, to settle actions by the FTC. The Equifax incident involved an outdated piece of software that had known and patched vulnerabilities still being used, which led to the data of over 145 million customers.

Log4j - the Poisonous Gift that Keeps on Giving

While every major software vendor is rushing to push and propagate updates to address Log4j, threat actors are being very active as well and are coming up with new exploits and attack vectors that abuse the vulnerability on systems where it is still not patched, so the race is on and it looks like it's going to be an uphill battle throughout the new year.

January 6, 2022

Cyclonis Backup

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.