What’s going on?
Log4j is commonly used in Java applications of all shapes and sizes. Versions up to 2.15.0 have a critical vulnerability which is being actively exploited. Attackers are almost certainly using it to:
collect credentials from running servers install ransomware and crypto miners exfiltrate data from organisations.
This vulnerability can impact any system, not just applications that are directly on the internet. For example, if a back-end system logs requests that are sent by a front-end application, attackers may be able to use the Log4j vulnerability to attack them.
What should you do? Identify vulnerable systems
The first step is to identify what applications you have that use a vulnerable version of Log4j.
Start with a list of software you use in your organisation. In most cases, the easiest way to tell if a product is vulnerable will be to check the vendor website. However, vendors are still working through their own product lists. Systems which are not currently on vendor lists may still be proven vulnerable.
You can also search for the Log4j JAR file on your servers or look for file hashes of vulnerable versions. However, as Log4j is included as a library in third
Read More: https://cybercx.com.au/cyber-security-resources/log4j-critical-vulnerability-cve-2021-44228-practical-tips-to-protect-your-organisation/?utm_source=rss&utm_medium=rss&utm_campaign=log4j-critical-vulnerability-cve-2021-44228-practical-tips-to-protect-your-organisation