What is Apache Log4j2 and what action should be taken?

What is Apache Log4j2 and what action should be taken?

REPORT • Dec 2021

Reports emerged on 9 December 2021 of advanced ransomware, specifically a zero-day exploit, that is of significant concern to all organisations, posing one of the greatest security risks to the internet in recent times.

Solace Cyber have shared the following advisory, recommending that all organisations take steps to investigate and mitigate the widespread risk posed.

Key Points

The vulnerability lies within Log4j2 that is an open-source Java logging library developed by the Apache foundation. Java is a programming language, used routinely in many applications and is present in many services such as Microsoft’s Minecraft, Apple iCloud, Twitter and Steam. Other affected platforms can include enterprise applications, cloud services and custom applications developed within an organisation.

Logging forms a crucial part of the run-time of these applications, providing a tool to understand a programs run-time behaviour and make it available for analysis. Because the usage of the logging framework is so highly adopted, data from businesses around the world that use these services could potentially become accessed by cyber criminals. Therefore, Solace Cyber recommend all organisations should take immediate action to mitigate the risk.

Because the usage of the logging framework is so highly adopted, data from businesses around the world that use these services could potentially become accessed by cyber criminals. Therefore, Solace Cyber recommend all organisations should take immediate action to mitigate the risk.

Solace Cyber security specialists share key actions all organisations should take, to mitigate becoming exploited by the Log4j2 vulnerability.

 

Request a call back from Solace Cyber


Recent Alerts

1101 26 Jan 2022

Solace Global Intelligence brings to you our 2022 Global Outlook. Our forthcoming series looks at what risks lie in… https://t.co/fHHxAfxYHH

1421 25 Jan 2022

#BurkinaFaso has seen its latest coup in the region in a number of months To learn more read our Alert+:… https://t.co/Xo1Avqq8f8

1119 24 Jan 2022

#Cybersecurity related Google searches jumped by nearly 49% throughout 2021, with organisations naming cyber threat… https://t.co/hK5c2sY8MV

1004 19 Jan 2022

#COVID-19 has touched every corner of the globe leading to an increase in political tensions & growing unrest.… https://t.co/3wCLCriJM1

1633 17 Jan 2022

#Tonga’s HungaTonga-Hunga Ha'apai underwater volcano erupted violently at 04:10 GMT on 15 January. Triggering tsuna… https://t.co/AoJ79Pddbj

1630 06 Jan 2022

Due to continued growth, Solace Global Maritime is recruiting for Commercial Operations to join our team in Poole,… https://t.co/JyKeaJexrT

1133 04 Jan 2022

We are #recuriting for Response Operations Managers. This a frontline role in risk management based at our 24/7 r… https://t.co/t6VWIiHpne

0915 24 Dec 2021

Your weekly digest of key #COVID-19 updates from our intelligence analysts is now ready to view. Be the first to r… https://t.co/b43nnUaAmI

1035 21 Dec 2021

As the #globalrisk landscape continually changes, we want to ensure our intelligence is relevant to the real concer… https://t.co/p4j2U7VHST

1333 15 Dec 2021

Solace #cybersecurity specialists share further information on the #apache #log4j exploit. We review what the… https://t.co/he1oScPdYg

1021 14 Dec 2021

On 10 December, parts of Mississippi Valley saw intense #storms & #tornadoes. Read more below with action to take i… https://t.co/6uzBhBXDyy

1309 13 Dec 2021

Advisory for new & highly critical #cybersecurity vulnerability, #Log4J. Log4J creates a #backdoor within the… https://t.co/bbH6qucvKe