In quick succession in December, The Apache Software Foundation released information on two critical vulnerabilities in its Log4j Java-based library. The first vulnerability CVE-2021-44228, also known as Log4Shell or LogJam, was reported as an unauthenticated remote code execution (RCE) vulnerability. By exploiting how the library logs error messages, it could lead to a complete system takeover.
Here’s the reality: hybrid and remote work are here to stay. This means access to your corporate data can now come from anywhere, on any device and any network. In order to tackle this new norm, Gartner has defined a new cybersecurity framework called Secure Access Service Edge (SASE).
In Q1 of 2021, 4 in 10 people encountered an unsafe link while using their mobile devices – less than a year later, 5 in 10 people encountered threats in Q3 2021. This trend will only continue as text message, email and social media phishing scams surge.
A decade ago, many were reluctant to move to the cloud. Many felt like they would have to relinquish controls they had within their perimeters. That sentiment has since reversed, where organizations have become more comfortable with cloud technology. The newest concern is about corporate data leaving the cloud, especially as employees expect to work from anywhere. Software-as-a-service (SaaS) applications have enabled people to stay productive from anywhere, but have also amplified security gaps.
Here at Lookout, our Threat Intelligence Services teams work with a massive data set that enables them to proactively hunt for threats and conduct forensic investigations. While our findings are used to protect Lookout customers, we also pride ourselves in contributing to the cybersecurity community ensuring that everyone’s security and privacy are safeguarded.
