According to numerous government and media sources, malicious cyber actors are targeting a new “zero day” vulnerability on a massive scale. This vulnerability, referred to as “Log4j” or “Log4Shell,” has resulted in widespread exploitation of a critical remote code execution (RCE) vulnerability (CVE-2021-44228) in Apache’s Log4j software library.
Read the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA)’s guidance on the Log4j vulnerability here.
In response to this threat, businesses should, at a minimum, take the following steps:
- Immediately identify any systems potentially vulnerable to the Log4J attack
- Identify any software using Log4J version 2.15.0 or earlier and immediately ensure it is not being used in any production systems and patch with updated security corrections
- Identify applications that are vulnerable to this attack and use log detection to determine if you have been subject to the attack
Please feel free to reach out to the authors or a member of Faegre Drinker’s Privacy, Cybersecurity and Data Strategy team with any questions or inquiries.