Australia: Cybersecurity authorities release joint cybersecurity advisory on mitigating Log4Shell and other Log4j-related vulnerabilities

On 22 December 2021, the Cybersecurity and Infrastructure Security Agency (CISA), alongside the Australian Cyber Security Centre, the United Kingdom’s National Cyber Security Centre, the Canadian Centre for Cyber Security and the New Zealand National Cyber Security Centre issued a joint cybersecurity advisory. It outlines details and ways of addressing Apache Log4j software’s vulnerabilities. In particular, the documents list the steps that organizations should implement to limit the risks and to protect their networks. The agencies recommend upgrading Log4j assets and establishing incident response procedures for Log4Shell exploitation identification.