...
General Guidance from Cybersecurity & Infrastructure Security Agency (CISA.gov) https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance
Helpful Video Presentation
Log4j Power Point Presentation
Log4j PDF
Note |
---|
Immediate Actions to Protect Against Log4j Exploitation • Discover all internet-facing assets that allow data inputs and use Log4j Java library anywhere in the stack. • Discover all assets that use the Log4j library. • Update or isolate affected assets. Assume compromise, identify common post-exploit sources and activity, and hunt for signs of malicious activity. • Monitor for odd traffic patterns (e.g., JNDI LDAP/RMI outbound traffic, DMZ systems initiating outbound connections). |
...
Products who didn't post an article but have no vulnerability to this issue
Helpful ideo presentation