*Bonus* Log4J: What You Need to Know and How To Respond

On Friday, December 10th a vulnerability was reported in a Java-based software known as "Log4j which is used extensively by enterprises and even the NSA.

This poses potential risks for much of the internet and threat actors are already taking advantage of this as we speak.

Since then the cybersecurity world has kicked into overdrive to identify vulnerable applications, detect potential attacks, and mitigate against exploits as best as humanly possible.

In this episode, Jeroen van Kessel shares some advice on how to respond as he works around the clock to help companies mitigate potential risks.

Free Resources:

Vulnerable application list:https://github.com/NCSC-NL/log4shell/tree/main/software
Internal log4j binary scanner:https://github.com/l ogpresso/CVE-2021-44228-Scanner
Network scanner log4j: https://github.com/fullhunt/log4j-scan  

**Show Links**

- Check out [Cryptsus]

- Connect with Jeroen van Kessel on [LinkedIn] or [Twitter]

- Follow IRONSCALES on [LinkedIn] or [Twitter]

- Connect with Brendon Rod on [LinkedIn]

----------------------------

We’re stronger together.

Keep connected with CyberSecurity Heroes at Apple Podcasts, Spotify, Stitcher and Google Podcast.

Catch all the links to the episode below or search for #CyberSecurityHeroes in your favorite podcast player.

- Sounder:

- Apple:

- Spotify:

CyberSecurity Heroes is brought to you by IRONSCALES.

An email security platform powered by AI, enhanced by thousands of customer security teams and built around detecting and removing threats in the inbox.

We offer a service that is fast to deploy, easy to operate and is unparalleled in the ability to stop all types of email threats, including advanced attacks like BEC, ATO and more.

Learn more at ironscales.com