Microsoft Updates Log4j Directive- Gurucul Comments

By   ISBuzz Team
Writer , Information Security Buzz | Jan 05, 2022 02:37 am PST

The Microsoft 365 Defender Threat Intelligence Team and the Microsoft Threat Intelligence Center (MSTIC) has issued a new update to the December 11th guidance for preventing, detecting and hunting for exploitation of the Log4j vulnerability. The MSTIC has encourage Windows and Azure users to remain vigilant after observing the Log4j flaw through December. An expert from Gurucul has provided perspective.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Saryu Nayyar
Saryu Nayyar , CEO
January 5, 2022 10:38 am

<p>\"The Log4j vulnerability continues to be one of the largest and most serious security problems in recent years that attackers continue to exploit despite its disclosure. The challenge is the widespread use of this open-source library and the difficulty in detecting its execution when it can be so deeply embedded down the software stack. Relying on traditional indicators of compromise or pattern matching is insufficient. Analyzing and controlling access to specific applications based on identity along with detection of anomalous behaviors to unearth this somewhat hidden vulnerability can more rapidly provide security teams with identification and prioritization of response actions.\"</p>

Last edited 2 years ago by Saryu Nayyar

Recent Posts

Would love your thoughts, please comment.x