Security Advisory: Serious Compromise of Java (Apache Log4j Library)
 
December 14, 2021

On Friday, December 10th, 2021 CVE (Common Vulnerabilities and Exposures) reported a critical vulnerability in the Apache Log4j Library, which CVE has ranked as a severity level 10 out of 10. This potentially affects millions of businesses, governmental and educational institutions. It is clear that cybercriminals have already begun exploiting this vulnerability.

The Apache Foundation has recommended that all developers update their Java libraries, and if that is not possible, other mitigation tactics may be found on the ApacheLog4j security vulnerabilities page.

Our security systems at SECNAP are not affected by this vulnerability because we do not use this Java library in our systems. Additionally, our CloudJacketX IDS/IPS platform is monitoring for this vulnerability and associated exploit indicators, and we will be alerting our customers if we discover Log4j related activity within their networks. We also recommend to customers who have not recently performed security assessments, pen testing, or internal and external scanning to contact us HERE

SECNAP’s security operations centers will continue to monitor this situation as it progresses and will provide additional information as it develops.

If you have any questions, please contact us

 
SECNAP-CloudJacket-Xi

Ensure your organization has robust cybersecurity protection that quickly identifies and contains potential breaches.

Name(Required)
I want to learn more about SECNAP's solutions.

Stay up-to-date with the latest news and trends in cyber security. Follow SECNAP Network Security’s social media channels and get valuable insights, tips, and information to help protect your organization from online threats:

More Related Posts