Carriers are bracing for losses this holiday season due to log4j threats and vulnerabilities. A recent article from DarkReading mentions a recent discovery about Log4j that indicates that the attack surface may be much larger than initially suspected. Organizations are having a difficult time determining their true exposure to the threat and how long it will continue to impact them.
I’m sure you’ve also heard of the recent attacks on Solar Winds and Microsoft Exchange. While those cyber-attacks represented significant losses, in a certain sense the scale could be identified. This is the first step to mitigating risk. Software is pervasive, so it is difficult to pinpoint the true nature of what the scope is and how long is may persist a credible threat. As of now, continue to patch all local development and internal servers and keep up with current news related to Log4j vulnerabilities.