The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) recently created a website to track and respond to the active, widespread exploitation of a critical remote code execution vulnerability (CVE-2021-44228) affecting Apache Log4j software library versions 2.0-beta9 to 2.14.1.
Log4j is broadly used in a variety of consumer and enterprise services, websites and applications to log security and performance information. An unauthenticated, remote actor could exploit this vulnerability to take control of an affected system. This website aims to provide information such as indicators of compromise (IOC), mitigation procedures and current tactics, techniques and procedures.
CISA urges organizations to review its Apache Log4j Vulnerability Guidance webpage and upgrade to Log4j version 2.15.0, or apply the appropriate vendor recommended mitigations immediately. CISA will continue to update the webpage as additional information becomes available. APCO encourages you to forward this information to your IT professionals and product vendors to ensure this vulnerability is mitigated within your systems and networks.