The Cybersecurity and Infrastructure Security Agency urged the private and public sectors to actively address a critical vulnerability that a growing set of threat actors are exploiting.
CISA warns of Java logging library vulnerability
December 14, 2021 / By ICBA
The Cybersecurity and Infrastructure Security Agency urged the private and public sectors to actively address a critical vulnerability that a growing set of threat actors are exploiting.
The Cybersecurity and Infrastructure Security Agency urged the private and public sectors to actively address a critical vulnerability that a growing set of threat actors are exploiting.
Details:
CISA said a vulnerability in Java logging library log4j poses a “severe risk” to any device that runs the program and is exposed to the internet.
CISA recommends steps to mitigate the vulnerability: enumerating external-facing devices, actioning every alert on these devices, and installing a web application firewall with automatic updates.
Apache released an updated version of log4j to address the vulnerability.
Microsoft issued guidance for addressing log4j exploitation.
More: Additional tools and information for community banks are available on ICBA's Cyber and Data Security resource center.
Subscribe now
Sign up for the Independent Banker newsletter to receive twice-monthly emails about new issues and must-read content you might have missed.
Sponsored Content
Featured Webinars
Join ICBA Community
Interested in discussing this and other topics? Network with and learn from your peers with the app designed for community bankers.
Subscribe Today
Sign up for Independent Banker eNews to receive twice-monthly emails that alert you when a new issue drops and highlight must-read content you might have missed.
News Watch Today
Join the Conversation with ICBA Community
ICBA Community is an online platform led by community bankers to foster connections, collaborations, and discussions on industry news, best practices, and regulations, while promoting networking, mentorship, and member feedback to guide future initiatives.
Join the Community Example Text
