Log4j: What you need to know now
Access the replay of the session with IBM X-Force experts to learn more about the vulnerability and how organisations can reduce the risk of an attack.
Duration: 17 minutes
Available On-Demand
Join this session to hear from Global Lead, X-Force Threat Intelligence Nick Rossman, X-Force Red Research Lead, Dan Cowley and X-Force Associate Partner, Abby Ross and learn about:
- The latest information about this flaw from our X-Force team.
- Learn how to check for vulnerable versions of Apache Log4j in your environment.
- Understand how to reduce the risk of an attack against your organisation.
- Nick Rossmann, Global Lead, X-Force Threat Intelligence, IBM Security
- Dan Crowley, Head of Research, X-Force Red, IBM Security
- Abby Ross, Associate Partner, X-Force Red, IBM Security.
About Log4J
IBM Security X-Force is tracking a recent disclosure regarding a vulnerabilityin the Log4j Java library, dubbed Log4Shell or LogJam. Millions of applications use the Java-based Log4j library to log activity, including several prominent web services.
While Apache has issued a patch with an update to the latest version, unpatched versions could be exploited by loading arbitrary Java code on the server. This could enable an attacker to take complete control of the system. This disclosure is being tracked in this IBM X-Force Exchange Collection and will be updated should additional information become available.
If you are unsure if log4j affects you, our advice is to contact your vendor. If you need help to apply vendor approved patches, Northdoor will be happy to assist.
For more information, read the blog on Security Intelligence titled: How Log4j vulnerability could impact you
