On December 10th, 2021 a zero-day vulnerability was disclosed affecting the extremely popular log4j Java library. This library is used to log various items produced by a Java based program. The vulnerability has the potential to give an attacker full control of an affected system.
What makes this vulnerability particularly nasty is a few things...
Learn more about the vulnerability at the following websites:
If your organization actively develops Java based applications perform the following:
ALL organizations should review the repository below for vendor responses to this vulnerability. Check this list against ones that are in your environment to ensure your systems stay up to date.
Vendor Checklist - https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
Contact FalconOps (https://falconops.com) to make sure your organization is protected against this latest threat and to receive a free three months of our Attack Surface Monitoring service. No strings attached, no sales pitch, and no pressure to continue after - let us show you value before you decide to purchase!