Subscribe

U.S. Set December 24 Deadline To Fix Security Flaws

December 17, 2021

The U.S. Cybersecurity and Infrastructure Security (CISA) has set December 24 as the deadline for security patches to be applied by federal agencies.

These and other security advisories became necessary due to the growing importance of the Log4j flaw that is massively being exploited by attackers.

The agency instructed federal agencies to “mitigate” the vulnerability by patching IT systems with new software by December 24. In the last four months, Log4J the code containing the flaw was downloaded 84 million times.

The heightened fears surrounding the bug are necessary due to the ease with which the bug could be exploited by attackers.

John Graham-Cumming, chief technical officer of Cloudflare, explained: “For example, when you buy something online, your username might be written to a log file for later processing. Unfortunately, a flaw in Log4j meant that by using special characters in data that is logged, it is possible to get a machine inside a company to run code that an attacker controls. This gives them a foothold inside what would normally be a secure, protected computer.”

For more information, read the original story on the BBC.

Top Stories

Meta faces backlash after facial recognition code found in smart glasses app

Apple reportedly taps Google Gemini and Nvidia Blackwell Chips for new Siri

Researchers warn AI coding agents can be manipulated through hidden skill files

Amazon shuts down internal AI leaderboard after employees found ways to game the system

Google CEO pushes back on ‘Google Zero’ fears 

Tesla insiders say they wouldn’t trust Full Self-Driving

Related Articles

New ‘HTTP/2 Bomb’ attack can crash major web servers from a single computer

June 5, 2026 Security researchers have disclosed a new denial-of-service attack called HTTP/2 Bomb that can overwhelm major web servers more...

CISA exposed internal passwords and cloud keys in public repository

May 20, 2026 The Cybersecurity and Infrastructure Security Agency, the arm of the U.S. government tasked with protecting critical infrastructure more...

Canvas restores service after cyberattack disrupted schools and universities

May 11, 2026 Instructure has restored access to its Canvas learning platform after a cyberattack disrupted service for universities and more...

Security researcher finds extensive tracking and security concerns inside White House mobile app

May 6, 2026 The official White House mobile app for iOS and Android is facing scrutiny after a security researcher more...

Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.
Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn