A serious software weakness in Apache software is exposing billions of devices globally. Log4j is a software utility that has been integrated into countless apps and IT platforms.
Recently discovered security flaws are being exploited by cyber criminals to attack IT systems in Australia and elsewhere.
The Australian Cyber Security Centre (ACSC) have released an Advisory that recommends patching immediately. See ACSC Advisory 2021-007: 2021-007: Log4j vulnerability – advice and mitigations.
https://www.cyber.gov.au/acsc/view-all-content/advisories/2021-007-log4j-vulnerability-advice-and-mitigations
The situation is fluid and we are monitoring it closely. We encourage all clients to keep themselves updated on Log4j developments (a.k.a. Log4Shell or simply LogJam) and follow the advice of the ACSC.
We continue working with insureds and clients to understand the cyber exposure to their business. Should you require a new business or renewal quotation for Cyber insurance, please note that we will be asking additional questions to understand the Log4j position of your business.
Additionally, scammers are very active this time of year. ‘Tis the season to be cyber alert!
Check out ACCCs quiz designed to help you recognise, avoid and report scams. Safely find out how good you are at spotting a scam!
Being cyber safe is a matter of taking your time before responding to emails, SMS’s or unknown callers. If you’re unsure about anything, do your own research before you act.