According to numerous government and media sources, malicious cyber actors are targeting a new “zero day” vulnerability on a massive scale. This vulnerability, referred to as “Log4j” or “Log4Shell,” has resulted in widespread exploitation of a critical remote code execution (RCE) vulnerability (
CVE-2021-44228) in Apache’s Log4j software library.
Read the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA)’s guidance on the Log4j vulnerability here.
In response to this threat, businesses should, at a minimum, take the following steps:
- Immediately identify any systems potentially vulnerable to the Log4J attack
- Identify any software using Log4J version 2.15.0 or earlier and immediately ensure it is not being used in any production systems and patch with updated security corrections
- Identify applications that are vulnerable to this attack and use log detection to determine if you have been subject to the attack