Photo by Amelia Holowaty Krales / The Verge
Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online.
“As soon as I saw how you could exploit it, it was horrifying,” says Membrey. “Like one of those disaster movies where there’s a nuclear power plant, they find it’s going to melt down, but they can’t stop it. You know what’s coming, but there are very limited things you can do.”
Since the vulnerability was uncovered last week, the cybersecurity world has kicked into overdrive to identify vulnerable applications, detect potential attacks, and mitigate against exploits however possible. Nonetheless, serious hacks making use of the exploit are all but certain.