According to the media alert, CISA is taking urgent action to drive mitigation of this vulnerability and detect any associated threat activity. CISA has added this vulnerability to their catalog of known exploited vulnerabilities, which compels federal civilian agencies -- and signals to non-federal partners -- to urgently patch or remediate this vulnerability. They are also proactively reaching out to entities whose networks may be vulnerable and are leveraging CISA scanning and intrusion detection tools to help government and industry partners identify exposure to or exploitation of the vulnerability.

The post CISA Statement and Guidance: The “Log4j” Vulnerability appeared first on ComplexDiscovery.