The critical vulnerability identified as CVE-2021-44228, affects the Java logging package Log4j. Apache’s Log4j is used across the Internet as a tool for logging changes in applications and software. The vulnerability is simple to exploit allowing an attacker to establish a foothold and steal data or run malicious software. The universe of cyber adversaries including infamous nation-state sponsored hacking groups Hafnium and Charming Kitten are actively working to target this vulnerability to exfiltrate data and drop malicious payloads.
Tego advises that any organization using the Log4j upgrade to log4j-2.16.0 immediately. Importantly, the log4j package may be bundled with an organization’s software. Those organizations and may have to wait for their software vendors to push security updates out for their affected products. In that case, Tego recommends affected customers contact their software vendors immediately to gain visibility into the timing of said updates and establish actions to mitigate the risk of exploitation.
Tego is assisting customers in identifying the vulnerability in the customer environments, providing guidance for patching and identifying risk mitigation actions. Please contact your Tego account manager today to discuss the steps your organization should follow to reduce the risk posed by the virulent Log4j vulnerability.