Log4j vulnerability – update from the CSIRTs Network
The EU CSIRTs Network held its first call on Log4j and escalated to “Alert Cooperation Mode” on 13 December 2021. Between 10 December and 12 January 2022, the CSIRTs Network Members continued to exchange information, published relevant advisories and met four times to discuss the results of two reporting surveys and national situations.
The CSIRTs Network members also actively contributed to updating the list of vulnerable software, which is maintained by the Dutch National Cyber Security Centre https://github.com/NCSC-NL and continue to update advisories for the benefit of their constituencies.
On 12 January 2022, based on the data collected, the national reporting and in the absence of large-scale or cross-border incidents, the EU CSIRTs Network decided to move back to default cooperation mode in relation to the log4j/log4shell vulnerability.
For more information on the latest advisories published by CSIRTs Network Members visit: https://github.com/enisaeu/CNW/tree/main/log4shell
Click here to read more.
Source and photo credits: ENISA