What Is Log4j?
"The vulnerability, which was reported late last week, is in Java-based software known as 'Log4j' that large organizations use to configure their applications—and it poses potential risks for much of the internet." (Source: CNN)
What Will This Vulnerability Impact?
Many large companies, such as Apple, IBM, Oracle, Cisco, Google, and Amazon, all run the software. It could be present in popular apps and websites, and hundreds of millions of devices around the world that access these services could be exposed to the vulnerability. CNN reported that, according to security researchers, Apple's cloud computing service, security firm Cloudflare, and one of the world's most popular video games, Minecraft, are among the many services that run Log4j.
Obviously, the news of this vulnerability is disconcerting to everyone, especially those of us in the banking industry.
What Action Should We Take?
Let us help you perform a vulnerability scan of your network to determine if the Log4j vulnerability is present. We can offer a one-time scan of your external network (IP addresses) and public website presence.
For a limited time, we are offering this scan to our clients and friends of our firm for $499.