U.S. Federal Trade Commission issues notice regarding Apache’s Log4j vulnerabilities. The FTC says organizations failing to mitigate against the vulnerabilities may face legal action. The vulnerability in the popular Java logging package – the first and most severe tracked as CVE-2021-44228 – poses a risk to millions, or hundreds of millions, of products, enterprise software and web applications. Officials at the FTC also confirm that the “vulnerability is being widely exploited by a growing set of attackers””]
Source: https://www.cuinfosecurity.com/ftc-threatens-action-against-orgs-failing-to-mitigate-log4j-a-18245