The Cyber Safety Review Board is operated by The Department of Homeland Security and in it’s inaugural report the Log4j vulnerability, spread and exploitation is discussed:
CSRB Report on Log4j – Public Report – July 11 2022_508 Compliant (cisa.gov)
It makes interesting reading. I wonder just how many developers do not know about the issue, or understand how it impacts them?
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
Further Reading
Log4j and Log4Shell posts at Smart Thinking Solutions
Clive Catton MSc (Cyber Security) – by-line and other articles
Please Note:
I am on leave so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.