If you are not already aware, on December 9, 2021, a zero-day vulnerability on Apache Log4j, nicknamed “Log4Shell” was reported. It has been characterized as “the single biggest, and most critical vulnerability of the last decade.”
Many people may have not heard of the Log4j software until the attack was first uncovered, however it is commonly used in several larger software, products, and locations. The general recommendation by the CISA is to identify which internet devices may have been impacted by the vulnerability and apply any mitigations provided by vendors as soon as they are released.
We encourage our customers to check out some of the following resources:
- Vulnerability scan to rapidly and accurately detect and assess your exposure to Log4Shell—Tenable
- Next-Generation Firewalls with Threat Prevention to block the vulnerability—Palo Alto
- Patches and solutions that can mitigate the effects of Log4j—Trend Micro
Give us a call at (888)-282-0696 or email firstname.lastname@example.org to talk more specifically about what your organization can do to minimize the threat of this vulnerability. We will help you navigate the most appropriate course of action for your cybersecurity goals.