Security
17 December 2021
An update in relation to CVE-2021-44228 (Apache Log4j 2 vulnerability)
We are pleased to advise that we have had no attacks and the proactive measures we implemented at the start of this process are preventing any infiltration attempts.
Our software vendors have provided their own postures and are either bypassing Apache for now or have applied the most recent patch.
12 December 2021
Our statement in relation to CVE-2021-44228 (Apache Log4j 2 vulnerability)
You may have heard in the news about a major cyber security vulnerability in the Apache Log4j library, a widely used piece of logging software, which allows for malicious code to be remotely executed on computer systems where Log4j 2 is present.
All vendors and manufacturers are continuing to evaluate the impact of this recently discovered vulnerability, and KFH has so far taken the following actions to mitigate risk:
- Constantly monitoring major providers including Cisco, Microsoft, VMWare and others, for information regarding potential vulnerabilities and patches
- Identified risk in a few providers, and taken action to mitigate these risks and nullify the threat. This process is ongoing
- Updated firewalls with a new ruleset, which can detect and will block connections that fit criteria associated with the known vulnerability
- Deployed an additional cyber security tool which looks for and identifies potential Indicators of Compromise (IoCs), onto critical internet accessible systems
- Contacted all software vendors to verify their approach to risk mitigation
- Manually checked app servers for the presence of the log4j vulnerable file
KFH takes cyber security extremely seriously, and the tools and platforms that we have implemented over the last 18 months have given us a strong foundation to continue to mature our cyber security posture and protect against attacks in an ever-changing landscape. We anticipate activity related to this highly critical vulnerability will continue for some weeks to come, such is the breadth and scope of software impacted.
We will continue to update with page with any new information or developments.