What is the Log4j Vulnerability?

In simple terms, it is how Java logs its files in programs.?Those programs are usually in systems like services that you log into in the cloud, but sometimes programs on your computer can use Java and have this vulnerability.

Is this just another scare tactic?

It is NOT.?Because the Log4j library can communicate with other sources and internal services, attackers can easily feed malicious commands from the outside and make your systems download and execute dangerous code from malicious sources.

How do I find it?

Some scanners are available online, and your IT should have already checked your systems.?I would not expect a client to find this vulnerability.?We have already scanned all of our clients' networks and computers and have resolved any findings.

What do I do?

UPDATE all of your software, especially your IoT devices that are connected to the internet like Thermostats, Cameras, doorbells, etc.?Check with vendors of your software and apply the mitigations provided by them.

This is a time to work with your Cybersecurity IT provider and if they have not discussed this with you yet, ask them what they have done to protect you.?If you do not have a company like that to protect your business reach out to us here at CyberSecure IT Solutions and we can discuss testing your systems.