What you need to know now and in the future about Log4J vulnerability

Businesses and government agencies are continually under attack from cyber hackers seeking to steal and sell data, bring down critical infrastructure, or reap a major payday. These cyber attacks are becoming more frequent and more sophisticated, and businesses of all sizes are encouraged to take precautions to mitigate risk, especially at year-end when risk increases as organizations are less vigilant over the holidays.

The most recent Log4J vulnerability is a live example of how serious and impactful these threats are and will continue to be. This vulnerability is one of the worst ever seen. It is being followed and reported by Homeland Security, the FBI, and all major cybersecurity organizations. The Log4J vulnerability has received a risk score of 10 out of 10 from Mitre’s CVE program.

Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned the recently revealed Log4j vulnerability was “one of the most serious” she’s seen in her entire career, “if not the most serious”. “We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,” Easterly explained.

To ensure organizations are safe from this flaw, a “sustained effort” will be needed, Gazlay added: “There’s no single action that fixes this issue,” he added, before saying that this is not a problem that’s going to disappear in a fortnight.

 

continue reading »