TP ICAP plc (LON: TCAP), which is the world’s largest inter-dealer broker, announced on Tuesday that its security team is investigating and evaluating a vulnerability, which could have the potential to allow a remote attacker to execute code on the server.
As detailed by the company, the vulnerability is in the Log4j Java library remote code execution (RCE), also known as Log4Shell. The vulnerability was disclosed on December 9 by the Apache Log4j project.
“There is no evidence that this vulnerability has been exploited successfully against TP ICAP,” the official announcement stated. “Since learning of the vulnerability, TP ICAP has been evaluating its exposure and methodically remediating as patches have become available. In addition, we have been deploying signatures and enhanced security controls to further protect our environment from the Log4j exploit.”
Moreover, TP ICAP assured that its security team will continue to assess the impact of the vulnerability on its systems and will ‘remediate or mitigate as required’.
“We will provide further updates as necessary,” the company added.
Expanding Footprint
TP ICAP is a major player in the institutional trading industry, and it is only expanding its reach. Earlier this year, it acquired the dark pool operator, Liquidnet and is also going to launch crypto trading services for its institutional clients.
Furthermore, the company strengthened its data analytics and post-trade service with a new product and even launched a fully automated Spot FX matching platform, called SpotMatch.
Despite a pullback in its business in the first half of the year, TP ICAP reported a solid 15 percent gain in its revenue in the third quarter of 2021 to around $610.20 million, Finance Magnates reported.