This video is brought to you by wealthfront check out their link down below hey everyone me kevin here. Yesterday, crypto prices went insane on coin market cap, where all of the prices seem to be multiplied by like 15 to 9 million, which was insane everybody felt like they were a trillionaire. You had this same issue then show up on binance, which potentially makes sense because binance owns coin market cap after all, but you also saw the issue show up on crypto.com other apps and even coinbase and coinbase pro, where they had to start basically removing the appearance Of coins from people's profiles to prevent them from thinking that they can sell and become trillionaires folks. This is maddening.

The crypto disaster of yesterday was crazy, but there is also a crazy vulnerability that exists in our internet ecosystem right now. That could end up proving jerome powell right today. A lot of folks are going to be talking about jerome powell, but they're going to forget what jerome powell says. The biggest vulnerability in america is and that's not terrorism.

It's not a banking crisis. It's not a financial crisis, it is cyber security and folks according to at least one cyber security. Ceo, this right now, what we are facing is the single biggest most critical vulnerability of the last decade and folks, who knows, but maybe it had something to do with the crypto glitch and disaster that we saw yesterday in this video, i'm going to break down what The latest vulnerability is and how software and apps that you use, including things like icloud, tesla steam and millions of other servers servers. Not people could be affected by let's get right into it.

So, first, according to sis admins across the world, this is a cis admins. Worst nightmare: why? Because what we're experiencing is a zero day, vulnerability known as the log for shell vulnerability and it has to do with an exploit in the log for j or log for java, essentially portion of apache and the purpose of log4j is data logging for java applications. Data logging is exactly what it sounds like you wait for a system to log events that have happened. You know this could be useful for appliance banking troubleshooting, you name, it makes sense.

So far. Right apache contains a data, logging, utility called log4j and that's used for java and currently has this major vulnerability. The apache software foundation is, in fact the one who acknowledges that this could affect millions of servers. A world wide twitter, cloudflare, icloud steam, you name it cloudflare's c, chief, a security officer, joe sullivan, goes as far as saying i'd be hard-pressed to think of a company that is not at risk and so started.

Taking a look at what the heck, this is, and here's what we know well, first, a message from our sponsor good long-term investing doesn't have to feel like a roller coaster. You can't help but feel beat up, sometimes, if you're trying to do it all yourself in time to market there's tons of data out there. That shows that investing in globally diversified funds and portfolios of low cost index funds is quite simply the best way to steadily grow your wealth. If it sounds complicated, don't worry it's much easier than it sounds regardless of your financial knowledge.

Wealthfront makes it easy, affordable and accessible to invest to open a new investment account. You just need 500 and a few minutes of your time. Wealthfront handles the rest for an annual fee of just .25, which is virtually nothing when you consider the stress savings alone. Once you open and fund your account wealthfront software will manage all of it.

For you, it employs strategies like rebalancing to keep you at a desired risk threshold and it will even look for opportunities to lower your taxes through tax loss, harvesting. All done automatically from general savings to retirement accounts. Wealthfront has you covered? You can have wealthfront, create a portfolio for you based on your risk, tolerance or, if you want, you can build it from scratch as well. This is great for those who want the benefits of an automated investing platform with more freedom.

So if you want to focus more of your money into tech or evs or maybe healthcare, you can use wealthfront to build a portfolio based on exactly the sectors that you really believe in. So all you have to do is check out the link down below go to invest.wealthfront.com, meet kevin and learn more. We know that this vulnerability is not only widespread, but it's potentially catastrophic. It basically allows attackers to remotely execute code on other people's servers.

So in the case of crypto in theory, somebody could remotely send a ping essentially - and i'm oversimplifying here, send a ping or a message to a server and then have a server execute a total set of code. This is a very similar exploit, but it's different from the last time. We saw a major exploit like this, and this was heartbleed back in. I believe 2014.

take a look at how heartbleed would work and it shows you how bad this is usual server response would be hey. You send a message server. Send me a four letter word if you're alive, it's like a ping. Send me the word bird.

If you're alive, let's say server replies with bird hey, i'm alive, i'm online okay, now malicious usage, which is similar slightly different, but similar to this log4j, exploit okay watch how bad this is. Okay, server send me this 500 letter word. If you are there and then all of a sudden uh, you know, rather than replying with the word bird, which is a four-letter word, the server replies with the following bird server master key is the following, and the user wants to change their password to blah blah Blah blah blah, in other words, giving somebody potentially unrestricted access to servers. This was so bad that folks, in minecraft were able to send messages to other people, then, just by sending a message to somebody else force a server to make changes on their end, allowing people in minecraft to basically get hacked through this glitch.

This is crazy. I mean you can remotely execute code basically on somebody else's server, just by sending them a message. This is bad and not a lot of people are talking about it because it's slightly complicated, but i'm not a tech expert, and this just sounds bad. This folks is one of the biggest vulnerabilities seriously that we've seen since heartbleed heartbleed came out in feb 2012, but wasn't patched until april of 2014, because folks didn't really realize it until 2014, because then it started getting exploited.

These these vulnerabilities can exist and they become issues when they start getting exploited. It's worth noting that cyber security form from crowdstrike recently updated their blog and said that crowdstrike has identified a malicious java class file, hosted on an infrastructure database associated with a nation state adversary. So you're already starting to potentially get a terrorist sponsoring states using this exploit very bad. Who knows the crypto price changes we saw yesterday could just be the tip of the iceberg.

We don't know if these are related, but it's just worth noting massive crazy crypto glitch. Yesterday, which is the day after this log 4j issue, started becoming a lot more known and now we're talking about it the day after and who knows this could just be the beginning. I mean uh aws, with amazon, just sent out another alert that they're having an outage. It's it's ridiculous, but anyway, this vulnerability is huge.

Uh and here's. Here's some important things to keep in mind cyber security agencies around the world, including the united states, cyber security and infrastructure security agency are issuing a lot of alerts on this, and it was actually surprisingly alibaba's a cloud security team who first disclosed this vulnerability. This vulnerability was initially made public, though not popularized. Until the last couple days here was initially made public on the 9th and basically users have been instructed to update their servers uh to a to a new version or reconfigure as soon as possible.

But it's not as easy as it sounds, because, if you're using older versions of java, you can't just upgrade to log4j, even if your java was up to date, an update could cause downtime which cause it could cause compliance issues or or just functionality, issues. It's not that easy to just update and so patching. This has become a very big issue, and so this is where you actually - and this is potentially a stock to keep an eye on, though the valuation's a little wild look at a company like cloudflare. So cloudflare acts as kind of like a bodyguard of the internet.

To try to prevent these sorts of things from happening i'll just quickly depict how this could look. So, let's say rather than fixing the issue over here, which obviously is the ultimate goal. Let's say rather than your server communicating directly with the client, you had a bodyguard in between and it was called cloudflare and so basically, when a client requests information from your server, it goes to cloudflare first and then cloudflare gets the information checks to make sure. It's not extra information and then ultimately says no.

No, no! We're not sending all that we're just going to send this and then provides what's being asked. So if you get a company like cloudflare, which does a whole host of services, this being one example of them. They do cdn services or whatever as well. They can actually stand between the client and the server to prevent these sorts of issues.

Once somebody gets into your server, it's bad bad, bad days. That's why this vulnerability is a big big issue and it's one of the things that's made me appreciate the fact that not only is cloudflare a seven-figure investment for me, so i just want to be very transparent. I do invest in the stock, but and look there are other cyber security companies even crowdstrike. Honestly crowdstrike has probably a better forward valuation.

A crowdstrike has a forward pe to 2025 of 90. cloudflare has a forward pe of 353.. Now it's recently come down about 30 off of all-time highs. It's performed incredibly well.

Uh they're, expecting 39 year-over-year growth with 78 gross margins. Crowdstrike is expecting somewhere around 33 year-over-year gross with 76 gross margins. So these are. These are incredible companies but more nascent technologies.

So you're paying a lot valuation-wise for these companies, but these sorts of vulnerabilities continue to reiterate to me. Gosh we got ta, we really got ta pay attention to cyber security and i feel like it's just it's not sexy yet because we're not seeing the big big hacks yet, but i think personally we're starting to see the red flags. The red flags are the crypto glitch. We saw yesterday the aws outages that we keep seeing the fact that companies like crowds cloudflare, can stand in between servers and clients to prevent these sorts of crazy issues.

Cyber security is is something that people think of when you need it. It's kind of like you, don't wake up thinking about the cops every day, but you know they're there uh. No, i don't want to get political about liking. Cops they're not liking cops right, but the point is you, like: you expect the cops to show up if you dial 9-1-1 right.

Imagine if you didn't have a 9-1-1 that'd be kind of like being naked on the internet without uh cyber security firms. So it doesn't have to be these companies. But i highly encourage pay attention to cyber security going forward for this next decade, because when jay pal says that is the biggest risk we face and we're seeing these massive sorts of vulnerability that could give people access to to basically any server across the world. It's no surprise that hacks like what we saw with uh crypto, are happening or not necessarily hacks or it could have just been a glitch but um i get sussed out when i think that okay, it's just a glitch that'll excuse me, then, all of a sudden.

Sorry i get allergic and i start coughing when i think of all the bs that this isn't actually a hack anyway. Why do i not think it's it's uh, it's a glitch. I think it's not because why? All of a sudden are we getting some random altcoin uh called cocos uh, showing up at the top of coin market cap as the number one most uh substantial cryptocurrency, and we see that despite it not even lining up price wise uh with uh with bitcoin or Ethereum after the glitch, this is a token that's ranked 483 right now on coin market cap uh, it's down three percent today, but i i'm just a little sussed out when you see if see things that kind of leave the fingerprints or the breadcrumbs of a hack. It kind of makes me start thinking about cyber security.

Now i could be wrong about all this. It's just my opinion about this glitch. We saw. We know this massive vulnerability exists and, let's just say, i'm buying the dip on cloudflare, okay, full transparency out there.

If you appreciate these sorts of videos, please consider checking out my programs and building your wealth check out, that link down below for a wealthfront and folks, we'll see in the next one thanks so much goodbye.