Log4j Zero-Day Attack

Critical

16/12/2021

There is currently a critical vulnerability in Log4j, a ubiquitous logging tool included in almost every application that uses Java (a common programming language). For internet-facing systems, this vulnerability can be easily exploited, allowing an attacker to take control of vulnerable systems remotely. This vulnerability is ranked 10 on the Common Vulnerability Scoring System (a 1 to 10 scale based on severity).

By attacking and compromising a system that can be accessed via the internet (external facing), cybercriminals may be able to gain a foothold inside your network. Once they have compromised a system inside of your network (internal facing), effectively bypassing your firewall protection, they may then look to spread to other high-value targets.

Examples of types of external-facing systems that may be vulnerable:

  • Wifi, i.e., Access Points
  • Third-party software, i.e., CCTV, Security Systems, Aircon, Building Management Systems, file transfer systems
  • Web-based customer portals

Examples of types of internal-facing systems that may be vulnerable:

  • Virtualisation i.e., VMware
  • Switches, i.e., Juniper, Unifi
  • Servers and NAS
  • Printers i.e., Canon, Ricoh etc
Read more about the vulnerability here
Services
IT StrategyModern WorkCloud and Infrastructure
SupportDay to Day SupportCyber SecurityData InsightsBusiness Continuity and
Disaster Recovery
Industries
Professional ServicesManufacturingConstruction and LogisticsHealth and Veterinary
About
Who We AreOur PeopleCommunityContact
Insights
IT Industry NewsResourcesBlogsCase StudiesOutages & Vulnerabilities
Careers
Working at IT PartnersCurrent Vacancies

Panama East, 2/469 Grey Street, Hamilton, 3216

P: 07 957 2650E: hello@itpartners.co.nz
Contact