The Log4Shell/ Log4j Vulnerability (CVE-2021-44228) Explained

Since last Friday, attackers have launched more than 840,000 attacks on companies globally, all exploiting the Log4j vulnerability.

The Log4j flaw (also now known as “Log4Shell”) is a zero-day vulnerability denoted as CVE-2021-44228. This vulnerability allows attackers to use unauthenticated remote code execution (RCE) to gain full control of affected servers.

Log4j is used in many forms of enterprise and open-source software. This, combined with the impact of the vulnerability and how easy it is to exploit, means there are a wide range of organizations at risk.

BlackBerry Protect, BlackBerry Optics and BlackBerry Guard can help defend against these attacks:

BlackBerry® Cyber Suite and BlackBerry® Guard are well equipped to mitigate the risks posed by this vulnerability, and defend against further exploitation of a system.

BlackBerry Guard customers are proactively protected, as our 24/7 managed detection and response (MDR) service does the following:

• Monitors alerts in real time
• Applies corrective policies while discovering gaps in policy implementation
• Provides prioritized threat hunting
• Applies the latest threat intelligence for fast moving threats

In addition to these core offerings, BlackBerry also offers incident response retainers. This allows for quick containment and response in the event of an incident. Another best practice to consider is conducting regular compromise assessments, so that you can be sure your organization hasn’t been impacted.

Our Prevention-First Philosophy

At BlackBerry, we take a prevention-first and AI-driven approach to cybersecurity. Putting prevention first neutralizes malware. By stopping malware at this stage, BlackBerry® solutions help organizations increase their resilience.

BlackBerry Assistance

The BlackBerry Incident Response Team can work with organizations of any size and across any vertical, to evaluate and enhance your endpoint security posture and proactively maintain the security, integrity, and resilience of your network infrastructure.

[“source=blackberry”]