On Dec. 9, 2021, a remote code execution (RCE) vulnerability in the popular Java-based logging package Log4j was disclosed. Submitting a specially crafted request to a vulnerable system allows an attacker to download and execute a malicious payload to perform additional functions such as data exfiltration, diverting funds, performing surveillance, or disrupting service. What many experts fear now is that the bug could be used to encrypt data and due to the discovery of this exploit being so recent, there are still many servers, both on-premises and within cloud environments, that have yet to be patched. Scanning activity for CVE-2021-44228 has actively begun on the internet with the intent of seeking out and exploiting unpatched systems. Apache Log4j versions <= 2.15.0 rc1 are vulnerable.
Brid Graham is the Senior Vice President of Presidio Europe & APAC. Brid is responsible for driving Presidio’s IT Services, Solutions Business and IT Procurement Business including the company’s Apple Practice. Her teams design and implement innovative solutions that support business transformation, enabling clients to scale in Europe, Middle East and Africa and Asia Pacific. Brid joined the company in 2001 as an Account Manager at Arkphire and has since then has held a variety of leadership roles