Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said CISA has added a critical vulnerability involving the log4j software library to its “catalog of known exploited vulnerabilities” to incite federal civilian agencies and partners to immediately patch or remediate the issue.
“We are proactively reaching out to entities whose networks may be vulnerable and are leveraging our scanning and intrusion detection tools to help government and industry partners identify exposure to or exploitation of the vulnerability,” Easterly said in a statement published Saturday.
She said the agency also formed a Joint Cyber Defense Collaborative senior leadership group, including partners at the FBI and the National Security Agency, to coordinate action to address the log4j vulnerability.
“We continue to urge all organizations to review the latest CISA current activity alert and upgrade to log4j version 2.15.0, or apply their appropriate vendor recommended mitigations immediately,” Easterly added.
CISA has called on asset owners to install a web application firewall with rules that update to ensure that security operations centers concentrate on fewer alerts; make sure that the SOC take action on each alert; and enumerate any external facing devices with installed log4j software.