This meeting comes after White House National Security Advisor Jake Sullivan sent a letter to chief executives of Apple and other big tech companies regarding the discovery of a “security vulnerability in open-source software called Log4j that organizations around the world use to log data in their applications.”
This vulnerability was discovered in December, and within only a few days, all major companies were able to fix the vulnerability. In Apple’s case, this Log4j software offered an iCloud vulnerability.
Alongside the big tech companies, government agencies, including the Department of Homeland Security, Department of Defense, and the Commerce Department, will also be in attendance.
According to the Eclectic Light Company, Apple has patched the iCloud hole. The site reports that researchers were able to demonstrate the vulnerability when connecting to iCloud through the web on December 9 and December 10, the same vulnerability no longer worked on December 11. The exploit doesn’t appear to have affected macOS.
The vulnerability was exploited in Minecraft before Microsoft patched it over the weekend […]
Crowdstrike’s Adam Meyers said the vulnerability has been “fully weaponized” and tools were readily available to exploit it. “The internet’s on fire right now,” he added shortly after the exploit was made public.
Reuters reports that cybersecurity has been “a top priority fo the Biden administration after several major cyberattacks last year.”
If we learn of anything from this meeting, or if whether Apple and the other companies provide a statement, we’ll update this story.