CONTRIBUTOR

Alston & Bird

ARTICLE

United States: CISA Issues Statement On Log4j Critical Vulnerability

15 December 2021

by Kimberly Peretti and Jon Knight

Alston & Bird

To print this article, all you need is to be registered or login on Mondaq.com.

Log4j is a java-based tool from Apache's open source library used for parsing logs that never seems to have made headlines before this past weekend. Now, following the December 9^th public announcement of a vulnerability in this tool, public and private sector security partners are issuing warnings about this “critical vulnerability.” While the full scope and exploitability of this vulnerability remains to be seen, the Cybersecurity and Infrastructure Agency (“CISA”) has issued a statement that they are taking “urgent action.” Noting this vulnerability “poses a severe risk,” CISA “is proactively reaching out to entities whose networks may be vulnerable,” and is leveraging it scanning and intrusion detection tools “to help government and industry partners identify exposure to or exploitation of the vulnerability.” While CISA has issued basic guidance (including to patch any known externally-facing uses of Log4j), we can expect more intelligence and mediation recommendations in the coming days and weeks.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

AUTHOR(S)

Kimberly Peretti

Alston & Bird

Jon Knight

Alston & Bird

ARTICLE TAGS

United States Technology Security

POPULAR ARTICLES ON: Technology from United States

RELATED CONTENT

FREE News Alerts

Sign Up for our free News Alerts - All the latest articles on your chosen topics condensed into a free bi-weekly email.

Article Tags

United States Technology Security

Related Articles

Coinbase Effort To Dismiss SEC Suit Falls Short Duane Morris LLP

Coinbase's Defense Falters: Latest Developments In SEC Legal Battle Duane Morris LLP

Guidance On Addressing Compliance Challenges With The Newly Effective E.U. Digital Services Act Steptoe LLP

CIRCIA: Cyber Incident Reporting For Practically Everyone? Venable LLP

White House Issues Key Artificial Intelligence Actions Following Executive Order McDonald Hopkins

Mondaq Webinars

APR24

Mastering Mediation & Arbitration: Strategies for Navigating the Rising Tide of Privacy Class Action Lawsuits

APR25

Canadian Employment Law: Updates and Emerging Trends in Employment

McCarthy Tétrault LLP

Comparative Guides

Anti-Corruption & Bribery

Artificial Intelligence

Aviation Finance

Aviation Regulation

Banking Regulation

Mondaq Advice Centres

United States

Advertising and Marketing

United States

Telemarketing

United States

COVID-19

Global

Trademarks in SAARC Countries

United States

International Trade Law & Customs

Curated Content

Evolving Legal Norms For Artificial Intelligence In The European Union And The United States
Braumiller Law Group, PLLC

The Use Of AI In ADR: Balancing Potential And Pitfalls
JAMS

Assessing The Benefits And Challenges Of Tokenizing Real World Assets
Braumiller Law Group, PLLC

Knowing What's Ahead: Dispute Resolution Planning For Startups In The New Age Of Generative AI
JAMS

Can The U.S. Mitigate Digital Assets Fraud While Fostering Innovation?
Braumiller Law Group, PLLC

Upcoming Events

APR18

Artificial Intelligence - Practical Applications Webinar

Godfrey & Kahn S.C.

Webinar Milwaukee United States

MAY09

Banking Cryptocurrency Companies After Crypto Winter

Crowell & Moring LLP

Panel New York United States

More filters

Mondaq Social Media

© Mondaq® Ltd 1994 - 2024. All Rights Reserved.

Please to Mondaq or for unlimited free access and a complimentary news alert

|

|

|

|