The series of vulnerabilities recently discovered in Log4j2 has shocked the internet. As part of our continuing research, on December 17, Hideki Okamoto from Akamai found and responsibly reported an additional denial-of-service (DoS) vulnerability, whi…
Threat Intelligence on Log4j CVE: Key Findings and Their Implications
Continuing with our research into CVE-2021-44228, Akamai has previously written about what the vulnerability is and given recommendations on how to go beyond patching for extra protection. Across the Akamai network, we see traffic from 1.3 billion uniq…
Log4Shell VMware vCenter Server (CVE-2021-44228)
Log4Shell is a critical vulnerability with the highest possible CVSSv3 score of 10.0 that affects thousands of products running Apache Log4j and leaves millions of targets potentially vulnerable. CVE-2021-44228 affects log4j versions 2.0-beta9 to 2.14….
Akamai Recommendations for Log4j Mitigation
Blog Blog https://www.akamai.com/blog CySecBot CySecBot
Livery Delivers a Seamless Low Latency Streaming Experience with Help from Akamai
Our new normal has ushered in the advent of hybrid events ? a mix of in-person and virtual events. This has made seamless live streaming with active participation of the audience, both live and remote, more important than ever. Amsterdam-headquartered …
Magecart Skimmers Are Alive and Well ? Constant Vigilance Is Required
Magecart skimmers are here to stay, and they?re becoming more sophisticated, more creative, and harder to detect. In this post, we reveal a new skimmer infrastructure that targets ecommerce sites all over the world with advanced methods of detection ev…
Promotion List
Defense Minister Shoygu greeted 14 of 24 new general / flag officers with their new shoulderboards. Some to watch: Teplinskiy, Yudin, Kontsevoy, Mordvichev, Solodchuk, Pyatayev. Continue reading
Log4j CVE-2021-44228
We are fairly confident that we are not vulnerable to the Log4J bug, but we will be releasing an update soon with an updated version of Log4J. Stay tuned.
EDIT: Please download 5.1.4-b2090 for the log4j update as well as a few other libraries.
CVE-2021-44228 – Patching is Recommended for Evolving Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution. This inclu…
CVE-2021-44228 – Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
See how Akamai helped open-source logging library Log4j fight against a critical unauthenticated remote code execution (RCE) vulnerability and reduce customer exposure.