The Log4j JNDI attack and how to prevent it

The disclosure of the critical Log4Shell (CVE-2021-44228) vulnerability and the release of first one and than additional PoC exploits has been an unwelcome surprise for the entire information security community, but most of all those who are tasked with keeping enterprise systems and network secure.

The timing of it all could be worse – it could have happened on Christmas Eve, for example – but the news hitting on a Thursday evening/Friday in the run-up to the biggest holiday season of the year has ruined the mood for many an enterprise defender.

The fact that finding all vulnerable applications/systems, mitigating the risk of exploitation, and searching for clues on whether any of them have been especially targeted and breached will take weeks and maybe months is another mood killer.

Unfortunately, sticking one’s head in the sand is not an option here. So, get as much information about the situation as possible: what happened, what is happening, and what you can do about it.