On Dec. 9, 2021, a remote code execution (RCE) vulnerability in the popular Java-based logging package Log4j was disclosed. Submitting a specially crafted request to a vulnerable system allows an attacker to download and execute a malicious payload to perform additional functions such as data exfiltration, diverting funds, performing surveillance, or disrupting service. What many experts fear now is that the bug could be used to encrypt data and due to the discovery of this exploit being so recent, there are still many servers, both on-premises and within cloud environments, that have yet to be patched. Scanning activity for CVE-2021-44228 has actively begun on the internet with the intent of seeking out and exploiting unpatched systems. Apache Log4j versions <= 2.15.0 rc1 are vulnerable.
David Hart, President and Chief Operating Officer of Presidio is responsible for sales and technology strategy and execution, emerging businesses development, alliances and sourcing, internal IT and our leasing arm – Presidio Technology Capital. He has served on the advisory boards of several world class technology innovators such as Cisco, Dell Technologies, Palo Alto Networks and Intel. Prior to his current role, Dave served as Chief Technology Officer. He joined Presidio in 2005 when the company acquired Networked Information Systems (NIS), a high growth IT systems integrator, where he led engineering, professional and managed services from its founding in 2000. Prior to NIS, Dave was Vice President of Engineering at Aztec Technology Partners (Nasdaq: AZTC) and at its predecessor, Bay State Computer Group. He holds a BS in Industrial Technology and a MS in Manufacturing Engineering from the University of Massachusetts Lowell.