Latest on Log4j vulnerability
Incident Report for Silverfin
This incident has been resolved.
Posted Dec 14, 2021 - 16:58 CET
As you might have heard in the news, there is a newly discovered vulnerability announced in a widely used Java logging library called Apache Log4j. It was uncovered in an open-source logging tool that is ubiquitous in cloud servers and enterprise software used across the industry and the government: it is easy to exploit and enables attackers to gain full control of affected servers, and is rapidly emerging as a major threat.

Silverfin has already identified and patched critical services we manage and operate. No signs of unauthorized access have been recorded so far.

We continue to investigate both additional vulnerable services and unauthorized access to our and our customer's data in both our infrastructure and in our third party suppliers'.

If any breach of confidentiality and integrity of data is found, we will notify you swiftly.
Posted Dec 14, 2021 - 16:14 CET