What has happened?
A very significant vulnerability in the “Log4j” library was discovered on Friday 10th December. While the name Log4j might not mean anything to most people, its code is used in a huge variety of different software products. This is about as bad as it gets – an easily exploitable vulnerability in software that is used by most companies all over the world. Cybercriminals are already exploiting this vulnerability to hack into companies worldwide, and it is not overdramatic to say that you need to be assessing your exposure to this vulnerability right now.
What can happen?
A cybercriminal could exploit this vulnerability to take complete control of any system that uses Log4j. A simple command sent to a vulnerable system, from anywhere in the world, will allow them to take complete control of it. Imagine that system stores your sensitive documents, or your HR data, or is a VPN that grants the hacker access to your internal network.
Will it affect my business?
Almost every business could be, and probably is, vulnerable. The worst part is that the exploitation of this vulnerability is trivially easy and can be done without requiring any interaction from the victim. The list of vulnerable software products is huge and even includes many security products.
Does Falanx Cyber’s fully-managed XDR service protect against this vulnerability?
Yes, both Falanx Triarii and Falanx Triarii for Sentinel XDR prevent this vulnerability from being exploited. If you are not a Triarii customer already, contact us now to find out how Falanx Triarii will protect you against this vulnerability and shield your network and cloud systems from cyber-attacks.
What else can I do?
Patching vulnerable systems is a critical step in protecting against this vulnerability. Look at the news or advisory pages for all software products you use and ensure that you test and install patches for affected software. You can also contact Falanx for penetration testing to help find vulnerable systems.
What do I do if I think my network has already been compromised?
Contact us now and we can discuss how to detect and remediate the attack.