The Fives Eyes intelligence alliance have warned that threat actors are actively exploiting an Apache vulnerability in the Log4j logging library. The Five Eyes alliance, consisting of cybersecurity agencies in US, UK, Australia, Canada and New Zealand, announced in a joint statement on Wednesday that, “sophisticated cyber threat actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021- 45105 in vulnerable systems.”
Previously the CISA published guidance on Log4Shell. This joint statement from Five Eyes expands on this guidance and provides the additional following steps:
“• Identifying assets affected by Log4Shell and other Log4j-related vulnerabilities
• Upgrading Log4j assets and affected products to the latest version as soon as patches are available and remaining alert to vendor software updates
• Initiating hunt and incident response procedures to detect possible Log4Shell exploitation.”
