What is Apache Log4j2 and what action should be taken?

What is Apache Log4j2 and what action should be taken?

REPORT • Dec 2021

Reports emerged on 9 December 2021 of advanced ransomware, specifically a zero-day exploit, that is of significant concern to all organisations, posing one of the greatest security risks to the internet in recent times.

Solace Cyber have shared the following advisory, recommending that all organisations take steps to investigate and mitigate the widespread risk posed.

Key Points

The vulnerability lies within Log4j2 that is an open-source Java logging library developed by the Apache foundation. Java is a programming language, used routinely in many applications and is present in many services such as Microsoft’s Minecraft, Apple iCloud, Twitter and Steam. Other affected platforms can include enterprise applications, cloud services and custom applications developed within an organisation.

Logging forms a crucial part of the run-time of these applications, providing a tool to understand a programs run-time behaviour and make it available for analysis. Because the usage of the logging framework is so highly adopted, data from businesses around the world that use these services could potentially become accessed by cyber criminals. Therefore, Solace Cyber recommend all organisations should take immediate action to mitigate the risk.

Because the usage of the logging framework is so highly adopted, data from businesses around the world that use these services could potentially become accessed by cyber criminals. Therefore, Solace Cyber recommend all organisations should take immediate action to mitigate the risk.

Solace Cyber security specialists share key actions all organisations should take, to mitigate becoming exploited by the Log4j2 vulnerability.

 

Request a call back from Solace Cyber


Recent Alerts

1354 04 Jul 2022

*WE ARE RECRUITING* Solace Global Maritime are currently recruiting highly motivated, experienced security personn… https://t.co/vICday8XgH

0957 24 Jun 2022

Solace Secure is loved by major corporations, NGO’s, government organisations, insurers & high-profile individuals… https://t.co/ZRKMWejika

0902 23 Jun 2022

Our Duty of Care guide explores 5 key questions to ask when reviewing your #travelpolicy, & how to make sure your… https://t.co/SJ5RZHMhO1

0954 22 Jun 2022

@BUcareersweb

0936 22 Jun 2022

Due to continued growth Solace Global Risk is recruiting for a Product Manager. The successful candidate work close… https://t.co/wYZUg2C0gy

1021 17 Jun 2022

Widespread discontent with the Ecuadorian President and his economic policies has triggered protests nationwide.… https://t.co/Br8sqVzWPd

1115 08 Jun 2022

Several casualties have been confirmed following reports of a vehicle mounting the pavement in #Berlin. Emergency s… https://t.co/JhpMhPv8V5

1336 07 Jun 2022

RT @CEGAGroup: Do you know your #EHIC from your #GHIC? Don't forget to check out our latest #travel tips before you go abroad - covering #C…

1057 07 Jun 2022

'Our travellers like the interface and ease of use better than the devices we currently use’. To learn more about… https://t.co/fDWWT1nV74

1340 01 Jun 2022

Increased risk for #LGBTQ+ #travellers can often be overlooked, especially to countries with heteronormative cultur… https://t.co/1vuHordzLM

1004 20 May 2022

RT @PataYamahaBRIXX: Welcome to the team @SolaceGlobal! Find out more about our new cyber security & travel risk partnership and how you ca…

0959 20 May 2022

We have become official risk & security management partners of Crescent Yamaha for the WorldSBK series. To celebrat… https://t.co/XnuBO2DNQR