Urgent Vendor Risk Alert: Log4j Java/Apache Logging Vulnerability
A far-spanning zero-day vulnerability was exposed over the weekend for the ubiquitous open-sourced logging utility called Log4j. CORL is actively working with our customers and vendor population to understand the extent of deployment of Log4j in the vendor community and the impact and risk exposure it may create for our customers. This blog provides a short summary of the Log4j vulnerability, as well as recommendations for remediation and risk mitigation for organizations and their third-party vendors.
Read More