{"id":4953,"date":"2022-01-31T15:51:24","date_gmt":"2022-01-31T20:51:24","guid":{"rendered":"https:\/\/www.stratospherenetworks.com\/blog\/?p=4953"},"modified":"2022-02-01T11:17:50","modified_gmt":"2022-02-01T16:17:50","slug":"cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability","status":"publish","type":"post","link":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/","title":{"rendered":"Cybersecurity lessons from the discovery and exploitation of the Log4Shell vulnerability"},"content":{"rendered":"<p><img decoding=\"async\" class=\"alignleft size-medium wp-image-4954\" src=\"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop-300x169.jpg\" alt=\"A laptop with a glowing red screen with a triangular warning symbol and LOG4J displayed on it.\" width=\"300\" height=\"169\" srcset=\"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop-300x169.jpg 300w, https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop-1024x576.jpg 1024w, https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop-768x432.jpg 768w, https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop-1536x864.jpg 1536w, https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop-2048x1152.jpg 2048w, https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop-200x113.jpg 200w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>In terms of cybersecurity, 2021 had an eventful end as security researchers identified a significant issue with the Apache Log4j software library. By exploiting the remote code execution (RCE) vulnerability that became known as Log4Shell, bad actors can potentially commandeer the system running the program, according to guidance from the <a href=\"https:\/\/www.cisa.gov\/uscert\/apache-log4j-vulnerability-guidance\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Cybersecurity &amp; Infrastructure Security Agency (CISA)<\/a>.<\/p>\n<p>After researchers uncovered the RCE issue, additional vulnerabilities involving denial-of-service and untrusted deserialization as well as remote code execution came to light, according to the Center for Internet Security (CIS) <a href=\"https:\/\/www.cisecurity.org\/log4j-zero-day-vulnerability-response\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Log4j Zero-Day Vulnerability Response page<\/a>. Apache released fixes for the known issues. The page (last updated on January 7, 2022) states, \u201cWe expect this cycle of vulnerability-fix vulnerability-fix will continue as attackers and researchers continue to focus on Log4j.\u201d<\/p>\n<p>Because Log4j software is everywhere, the presence of these flaws means millions of web applications, enterprise software solutions and consumer products are potentially at risk, according to the <a href=\"https:\/\/www.ftc.gov\/news-events\/blogs\/techftc\/2022\/01\/ftc-warns-companies-remediate-log4j-security-vulnerability\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Federal Trade Commission (FTC)<\/a>. In December, <a href=\"https:\/\/www.wsj.com\/articles\/what-is-the-log4j-vulnerability-11639446180\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">The Wall Street Journal<\/a> reported that Akamai Technologies Inc. recorded 10 million Log4Shell exploitation attempts per hour in the U.S., and impacted suppliers and software included Minecraft, IBM, Twitter and Amazon, among many others.<\/p>\n<p>The CISA and FTC urge anyone who could be affected (including companies across all industries) to identify all assets that utilize Log4j, update to the latest version of the software, and monitor for unusual traffic and signs of compromise. Potentially affected organizations should review the <a href=\"https:\/\/logging.apache.org\/log4j\/2.x\/security.html\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Apache Log4j Security Vulnerabilities page<\/a> and the <a href=\"https:\/\/github.com\/cisagov\/log4j-affected-db\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">CISA\u2019s GitHub repository<\/a>, which includes a list of affected vendors.<\/p>\n<h2>Key takeaways from the Log4j vulnerabilities and exploits<\/h2>\n<p>The issues with the Log4j library impact multiple industries and have inspired a new surge of cybercrime. A <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/12\/11\/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Microsoft Security blog entry<\/a> on Log4j vulnerabilities notes that the remote code execution issues have created a novel attack vector and led to hacking involving mass-scanning, coin mining, red-team activity and remote shell establishment.<\/p>\n<p>Reflecting on the identification and ongoing exploitation of issues in Log4j software, here are a few key points to take away from the situation.<\/p>\n<h2>1. A comprehensive cybersecurity program is critical if you want to combat zero-day threats like Log4Shell.<\/h2>\n<p>As noted in a previous <a href=\"https:\/\/www.stratospherenetworks.com\/blog\/how-to-protect-your-business-from-the-growing-threat-of-zero-day-malware\/\" target=\"_blank\" rel=\"noopener\">Cyber Corner post<\/a>, zero-day threats \u2013 which are brand new and therefore capable of bypassing signature-based defenses \u2013 have been on the rise for a while. <a href=\"https:\/\/www.watchguard.com\/wgrd-news\/press-releases\/new-watchguard-research-reveals-traditional-anti-malware-solutions-miss\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">WatchGuard\u2019s Threat Lab<\/a> found that 74 percent of malware detected during the first quarter of 2021 was zero-day.<\/p>\n<p>If you want to minimize the damage zero-day exploits like Log4Shell can do to your systems, you need a team of IT security professionals to implement and manage advanced solutions such as <a href=\"https:\/\/www.stratospherenetworks.com\/blog\/what-is-xdr-your-guide-to-extended-detection-and-response\/\" target=\"_blank\" rel=\"noopener\">extended detection and response (XDR)<\/a> as well as deliver incident response services. It\u2019s crucial to proactively monitor for signs of compromise and have experts on your side capable of rapidly identifying and remediating threats.<\/p>\n<h2>2. Staying up-to-speed on patching is crucial.<\/h2>\n<p>The Log4j library is far from the only software that could leave you vulnerable to cyberattacks if you fail to update it. Ensure your IT team or an external service provider routinely patches and updates all the programs you rely on to keep your risk level low. Running outdated software could not only lead to a data breach but could also land you in hot water legally: The FTC notes that organizations that don\u2019t locate and patch vulnerable Log4j software might violate the Federal Trade Commission Act.<\/p>\n<h2>3. Reliance on open-source software maintained by often underfunded teams of volunteers is increasingly unsustainable.<\/h2>\n<p>The cybersecurity crisis caused by the Log4j vulnerabilities has shed light on the larger issue of the internet\u2019s reliance on open-source programs maintained by volunteers with limited incident response resources, according to the MIT Technology Review article \u201c<a href=\"https:\/\/www.technologyreview.com\/2021\/12\/17\/1042692\/log4j-internet-open-source-hacking\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">The internet runs on free open-source software. Who pays to fix it?<\/a>\u201d<\/p>\n<p>Filippo Valsorda, a cryptography engineer with Google, told the Review that companies should find ways to pay the developers who maintain open-source software. In August 2021, for example, <a href=\"https:\/\/blog.google\/technology\/safety-security\/why-were-committing-10-billion-to-advance-cybersecurity\/\" target=\"_blank\" rel=\"noopener nofollow\" class=\"external external_icon\">Google announced<\/a> plans to invest $10 billion over 5 years in various cybersecurity initiatives, including efforts to improve open-source security.<\/p>\n<p>The FTC notes that Log4Shell represents only \u201cpart of a broader set of structural issues\u201d and is one of thousands of open-source services that constitute critical internet infrastructure.<\/p>\n<p>\u201cThis overall dynamic is something the\u202fFTC\u202fwill consider as we work to address the\u202froot\u202fissues that endanger user security,\u201d the agency notes in a blog entry on Log4j.<\/p>\n<p>Ultimately, the fallout of the Log4j issues underscores the need for a proactive and current cybersecurity strategy. Our advisors can connect you with leading managed security service providers (MSSPs) and IT security solution suppliers to keep your risk level low and minimize the damage caused by any threats that slip past your defenses with incident response services.<\/p>\n<p>For details, please give us a call at 877-599-3999 or email <a href=\"mailto:sales@stratospherenetworks.com\" target=\"_blank\" rel=\"noopener\">sales@stratospherenetworks.com<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In terms of cybersecurity, 2021 had an eventful end as security researchers identified a significant issue with the Apache Log4j software library. By exploiting the remote code execution (RCE) vulnerability that became known as Log4Shell, bad actors can potentially commandeer &hellip; <a href=\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/\">Read more <span class=\"meta-nav\">><\/span><\/a><\/p>\n","protected":false},"author":5,"featured_media":4954,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[263],"tags":[],"class_list":["post-4953","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-corner"],"yoast_head":"<title>Key takeaways from the discovery of Log4Shell<\/title>\n<meta name=\"description\" content=\"The discovery of a remote code execution vulnerability in Log4j had significant implications for organizations across all industries.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Key takeaways from the discovery of Log4Shell\" \/>\n<meta property=\"og:description\" content=\"The discovery of a remote code execution vulnerability in Log4j had significant implications for organizations across all industries.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"Stratosphere Networks IT Support Blog - Chicago IT Support Technical Support\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-31T20:51:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-02-01T16:17:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2309\" \/>\n\t<meta property=\"og:image:height\" content=\"1299\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kevin Rubin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kevin Rubin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/\"},\"author\":{\"name\":\"Kevin Rubin\",\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/#\/schema\/person\/5e80dcea00878b83fb152245aa51b3f5\"},\"headline\":\"Cybersecurity lessons from the discovery and exploitation of the Log4Shell vulnerability\",\"datePublished\":\"2022-01-31T20:51:24+00:00\",\"dateModified\":\"2022-02-01T16:17:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/\"},\"wordCount\":830,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg\",\"articleSection\":[\"Cyber Corner\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/\",\"url\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/\",\"name\":\"Key takeaways from the discovery of Log4Shell\",\"isPartOf\":{\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg\",\"datePublished\":\"2022-01-31T20:51:24+00:00\",\"dateModified\":\"2022-02-01T16:17:50+00:00\",\"author\":{\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/#\/schema\/person\/5e80dcea00878b83fb152245aa51b3f5\"},\"description\":\"The discovery of a remote code execution vulnerability in Log4j had significant implications for organizations across all industries.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#primaryimage\",\"url\":\"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg\",\"contentUrl\":\"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg\",\"width\":2309,\"height\":1299,\"caption\":\"A laptop with a glowing red screen with a triangular warning symbol and LOG4J displayed on it.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.stratospherenetworks.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity lessons from the discovery and exploitation of the Log4Shell vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/#website\",\"url\":\"https:\/\/www.stratospherenetworks.com\/blog\/\",\"name\":\"Stratosphere Networks IT Support Blog - Chicago IT Support Technical Support\",\"description\":\"The Stratosphere Networks IT Support blog offering IT Support Services information.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.stratospherenetworks.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/#\/schema\/person\/5e80dcea00878b83fb152245aa51b3f5\",\"name\":\"Kevin Rubin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.stratospherenetworks.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4e0f1ab948ce542b3dd8def474bcde6faa8862614b72d26878c7755269b276e9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4e0f1ab948ce542b3dd8def474bcde6faa8862614b72d26878c7755269b276e9?s=96&d=mm&r=g\",\"caption\":\"Kevin Rubin\"},\"sameAs\":[\"http:\/\/stratospherenetworks.com\/\"],\"url\":\"https:\/\/www.stratospherenetworks.com\/blog\/author\/kevin-rubin\/\"}]}<\/script>","yoast_head_json":{"title":"Key takeaways from the discovery of Log4Shell","description":"The discovery of a remote code execution vulnerability in Log4j had significant implications for organizations across all industries.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/","og_locale":"en_US","og_type":"article","og_title":"Key takeaways from the discovery of Log4Shell","og_description":"The discovery of a remote code execution vulnerability in Log4j had significant implications for organizations across all industries.","og_url":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/","og_site_name":"Stratosphere Networks IT Support Blog - Chicago IT Support Technical Support","article_published_time":"2022-01-31T20:51:24+00:00","article_modified_time":"2022-02-01T16:17:50+00:00","og_image":[{"width":2309,"height":1299,"url":"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg","type":"image\/jpeg"}],"author":"Kevin Rubin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kevin Rubin","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#article","isPartOf":{"@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/"},"author":{"name":"Kevin Rubin","@id":"https:\/\/www.stratospherenetworks.com\/blog\/#\/schema\/person\/5e80dcea00878b83fb152245aa51b3f5"},"headline":"Cybersecurity lessons from the discovery and exploitation of the Log4Shell vulnerability","datePublished":"2022-01-31T20:51:24+00:00","dateModified":"2022-02-01T16:17:50+00:00","mainEntityOfPage":{"@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/"},"wordCount":830,"commentCount":0,"image":{"@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg","articleSection":["Cyber Corner"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/","url":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/","name":"Key takeaways from the discovery of Log4Shell","isPartOf":{"@id":"https:\/\/www.stratospherenetworks.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#primaryimage"},"image":{"@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg","datePublished":"2022-01-31T20:51:24+00:00","dateModified":"2022-02-01T16:17:50+00:00","author":{"@id":"https:\/\/www.stratospherenetworks.com\/blog\/#\/schema\/person\/5e80dcea00878b83fb152245aa51b3f5"},"description":"The discovery of a remote code execution vulnerability in Log4j had significant implications for organizations across all industries.","breadcrumb":{"@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#primaryimage","url":"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg","contentUrl":"https:\/\/www.stratospherenetworks.com\/blog\/wp-content\/uploads\/2022\/01\/log4j-security-warning-on-laptop.jpg","width":2309,"height":1299,"caption":"A laptop with a glowing red screen with a triangular warning symbol and LOG4J displayed on it."},{"@type":"BreadcrumbList","@id":"https:\/\/www.stratospherenetworks.com\/blog\/cybersecurity-lessons-from-the-discovery-and-exploitation-of-the-log4shell-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.stratospherenetworks.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity lessons from the discovery and exploitation of the Log4Shell vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/www.stratospherenetworks.com\/blog\/#website","url":"https:\/\/www.stratospherenetworks.com\/blog\/","name":"Stratosphere Networks IT Support Blog - Chicago IT Support Technical Support","description":"The Stratosphere Networks IT Support blog offering IT Support Services information.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.stratospherenetworks.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.stratospherenetworks.com\/blog\/#\/schema\/person\/5e80dcea00878b83fb152245aa51b3f5","name":"Kevin Rubin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.stratospherenetworks.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4e0f1ab948ce542b3dd8def474bcde6faa8862614b72d26878c7755269b276e9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4e0f1ab948ce542b3dd8def474bcde6faa8862614b72d26878c7755269b276e9?s=96&d=mm&r=g","caption":"Kevin Rubin"},"sameAs":["http:\/\/stratospherenetworks.com\/"],"url":"https:\/\/www.stratospherenetworks.com\/blog\/author\/kevin-rubin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4953","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=4953"}],"version-history":[{"count":4,"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4953\/revisions"}],"predecessor-version":[{"id":4966,"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/posts\/4953\/revisions\/4966"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/media\/4954"}],"wp:attachment":[{"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=4953"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=4953"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.stratospherenetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=4953"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}