Flawed Log4j Is Still Being Downloaded, Despite FTC Warnings | NACS

Advocacy
- We are the voice of our membership and industry on Capitol Hill. We relentlessly advocate for our members against harmful laws and regulations that can negatively impact their bottom lines.
Solutions
- NACS Membership Directory
- The electronic Membership Directory is a listing of NACS Member Companies and Individuals.
  
  Order Now
- Online Store
- THRIVR: Digital Marketing Platform
- The NACS Payment Processing Program is designed to reduce card processing fees for unbranded convenience and fuel retailers.
  
  Learn More
Research
- Purchase the Latest NACS State of the Industry Report®
  
  The convenience and fuel retailing industry’s premier benchmarking tool and the most comprehensive collection of data and trends. Discover what’s next and how to get there faster.
  
  Order Now
Events
- Government Relations
- NACS Day on the Hill
- Human Resources
- NACS Human Resources Forum
- NACS Food Safety Forum
- October 7, 2024 | Las Vegas, NV
  
  The 2024 NACS Food Safety Forum will take place October 7 in conjunction with the NACS Show. Join food safety, foodservice, and quality assurance professionals at the only industry-specific food safety event for the convenience retail community.
  
  Learn More
- NACS Show
- October 7-10, 2024 | Las Vegas, NV
  
  For four days, attendees will be networking with industry experts, attending thought-provoking and empowering education sessions, and exploring a show floor with the latest merchandise for convenience and fuel retailing.
  
  Learn More
- Webinars
- Sign up for upcoming webinars or browse through NACS’s video archive for industry best practices and case studies on a variety of topics and categories.
  
  Learn More
- Industry Calendar
- Keep up with all events that's happening in the industry.
  
  View Now
- Speaker Engagement
- We are always looking for dynamic speakers to share their expertise with our members.Submit your speaker proposal or simply add your name to our speaker database.
  
  Learn More
- Webinars
  
  Engage in prerecorded and live learning experiences without committing your entire day to a program. Through an easy-to-use digital platform, expert content leaders share their knowledge and facilitate conversations in convenient learning sessions.
  
  View Upcoming Webinars
Membership
- Renew Membership
- Existing members, renew your membership to continue to access benefits and tools that your organization needs to thrive in today's competitive market place.
  
  Renew Membership
- Membership Directory
- The online Membership Directory is a listing of NACS Member Companies and Individuals, available only to NACS Members.
  Log In to View
- Trade Press
- Trade Press at NACS Events
  View More
- Friends of NACS
- An individual can become more engaged in NACS activities by becoming a Friend of NACS. There are no membership dues associated with becoming a Friend of NACS.
  
  Check out the Benefits
- Don’t Forget to Renew Your Membership!
  Existing members, renew your membership to continue to access benefits and tools that your organization needs to thrive in today's competitive market place.
  
  Renew Now
News
- Blog
- Convenience Corner
- Podcast
- Convenience Matters
- Fuels Market News
- Fuels Market News, published by NACS, is the downstream petroleum industry’s trusted source for fuels-related news and information, covering the fuels of today and tomorrow.
  
  Visit FMN.com
- Advertise
- Our audience is part of a U.S. industry of more than 154,000 convenience stores with retailers who rely on information and insights from NACS to make them stronger and more profitable.
  
  Advertise With Us
- Read the latest issue of NACS Magazine for a monthly dose of insights, industry data and best practices from leading retailers.
  
  Read NACS Magazine
Education
- NACS Leadership for Success
- The NACS Leadership for Success program provides rising leaders in the industry an invaluable opportunity to discover personal strengths that they can use to grow their career while creating a more profitable performance-oriented environment within their company.
  Learn More
- NACS Food Safety Forum
- Webinars
- Sign up for upcoming webinars or browse through NACS’s video archive for industry best practices and case studies on a variety of topics and categories.
  
  Learn More
- We offer best-in-class education for convenience industry leaders who are driven to gain the subject matter expertise and leadership skills needed to successfully respond to the challenges of a competitive industry.
Topics
- There are myriad issues that convenience stores face every day, whether inside the store, on the forecourt, in the back office or in the boardroom. Here are some of the many topics that NACS can help you discuss and develop strategies around to enhance your business.
  
  View Trending Topics

Advocacy
- We are the voice of our membership and industry on Capitol Hill. We relentlessly advocate for our members against harmful laws and regulations that can negatively impact their bottom lines.
Solutions
- The NACS Payment Processing Program is designed to reduce card processing fees for unbranded convenience and fuel retailers.
  
  Learn More
Research
- Purchase the Latest NACS State of the Industry Report®
  
  The convenience and fuel retailing industry’s premier benchmarking tool and the most comprehensive collection of data and trends. Discover what’s next and how to get there faster.
  
  Order Now
Events
- Webinars
  
  Engage in prerecorded and live learning experiences without committing your entire day to a program. Through an easy-to-use digital platform, expert content leaders share their knowledge and facilitate conversations in convenient learning sessions.
  
  View Upcoming Webinars
Membership
- Don’t Forget to Renew Your Membership!
  Existing members, renew your membership to continue to access benefits and tools that your organization needs to thrive in today's competitive market place.
  
  Renew Now
News
- Read the latest issue of NACS Magazine for a monthly dose of insights, industry data and best practices from leading retailers.
  
  Read NACS Magazine
Education
- We offer best-in-class education for convenience industry leaders who are driven to gain the subject matter expertise and leadership skills needed to successfully respond to the challenges of a competitive industry.
Topics
- There are myriad issues that convenience stores face every day, whether inside the store, on the forecourt, in the back office or in the boardroom. Here are some of the many topics that NACS can help you discuss and develop strategies around to enhance your business.
  
  View Trending Topics

NACS News NACS Daily News Flawed Log4j Is Still Being Downloaded, Despite FTC Warnings

Flawed Log4j Is Still Being Downloaded, Despite FTC Warnings

Vulnerable versions persist because so many other pieces of software still rely on them.

February 11, 2022

Log4j Vulnerability Information

ALEXANDRIA, Va.—Despite warnings from the Federal Trade Commission, vulnerable versions of Log4j software continue to be downloaded at least tens of thousands of times each day, reports the Wall Street Journal.

These developers “don’t know what’s going on inside their software,” Brian Fox, chief technology officer for the cybersecurity company Sonatype Inc., told the Journal.

Maintained by volunteers, Log4j is a free-to-use, ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Log4j was updated in December after Chinese e-commerce firm Alibaba reported a bug that could allow attackers to execute code remotely and potentially take over computer systems they target.

“When vulnerabilities are discovered and exploited, it risks a loss or breach of personal information, financial loss, and other irreversible harms. ... It is critical that companies and their vendors relying on Log4j act now, in order to reduce the likelihood of harm to consumers, and to avoid FTC legal action,” wrote the FTC in a blog post.

It’s possible that some developers are downloading old versions of the tool for security research or after evaluating the software’s potential threats to their organizations’ systems, reports the Journal. Flawed versions of the code are still available because so many other pieces of software still rely on them.

“There would be massive breakage of a number of systems if it disappeared, because they depend upon it,” David Nalley, president of the Apache Software Foundation, said in an interview.

Companies that must use flawed version of Log4j should build security walls around it to detect suspicious activity. Additionally, here are five steps businesses can take to avoid the Log4j vulnerability.

Related News

House Committee Advances Major Privacy Bill
Jul 21, 2022
Federal Privacy Legislation Should Apply to All Industry Sectors
Jun 14, 2022
Conexxus Sets Annual Conference Lineup
Apr 05, 2022
Here’s How to Increase Cybersecurity Safety
Apr 05, 2022
How to Up Your Cybersecurity Safety
Mar 29, 2022

Suggested Reading

Advertisement

Advertisement

Advertisement

Subscribe to NACS Daily

Also in this issue from NACS Daily

Advertisement

Conexxus Annual Conference

April 28-May 02, 2024
Arlington, TX

View All Events

Explore Cool New Products

To provide complete functionality, this web site needs your explicit consent to store browser cookies. We recommended that you "allow all cookies" so you may be able to use certain features, such as logging in, buying products, or personalizing content.