Technology Information: Archived Posts

Security Alert: Log4j/Log4Shell Vulnerability - 12/15/2021

Brave North Technology is aware of the Log4j vulnerability and has been carefully monitoring and taking steps to assess risk and impact, and close vulnerabilities for impacted clients. As part of our Routine Stability and Security Maintenance process, we have already applied system patches and updates applicable to Log4j. If you have not received an individual, direct communication from a staff member of Brave North Technology, we have not identified an immediate vulnerability at your organization. Look for more updates from our team as we monitor this evolving security threat.

Some helpful resources regarding Log4j:

• Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability (Microsoft, December 11, 2021)

• Apache Log4j Vulnerability Guidance (Cybersecurity & Infrastructure Security Agency (CISA), December 28, 2021)

• Microsoft warns of continued Log4j attacks (Security Magazine, January 6, 2022)

- Brian Roemen, CTO