“Maturity” might seem an odd word to apply to security. As attacks become more frequent and complex, organizations need the agility to respond to new forms of cybercrime. Old ways of thinking are seldom useful in the ever-changing world of IT.
Security analysts are alarmed about a bug in software few people know about — the Log4j logging utility for Java applications. In November, researchers identified a zero-day exploit that affected the Java version of the Minecraft video game. Hackers were able to trick Log4j into storing specific character strings that allowed them to take control of the compromised machine. The hackers could then execute malicious code remotely, spread malware or steal sensitive information.