CISA Issues Emergency Directive on Log4j


By MYBRANDBOOK


CISA Issues Emergency Directive on Log4j

The US Department of Homeland Security's Cybersecurity Infrastructure and Security Agency ordered civilian federal agencies to take immediate steps to identify, patch, and alleviate Log4j vulnerabilities in their networks.

 

“The log4j vulnerabilities pose an unacceptable risk to federal network security. CISA has issued this emergency directive to drive federal civilian agencies to take action now to protect their networks, focusing first on internet-facing devices that pose the greatest immediate risk,” said CISA Director Jen Easterly.

 

“CISA also strongly urges every organization large and small to follow the federal government’s lead and take similar steps to assess their network security and adapt the mitigation measures outlined in our Emergency Directive. If you are using a vulnerable product on your network, you should consider your door wide open to any number of threats,” he added.  

 

CISA has set up a dedicated webpage with Log4j mitigation guidance and resources for network defenders, as well as a community-sourced GitHub repository of affected devices and services.   

The agency has said to "assume compromise" of systems that are affected, and agencies should monitor and investigate those systems for any signs of attack. CISA encourages public and private sector organizations to utilize these resources and take immediate steps to mitigate against this vulnerability.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org