What we know: On Dec. 10, 2021, the Apache Software Foundation released a security advisory to address a software vulnerability. A remote adversary could exploit this vulnerability to take control of an affected system. This particular software is an open-source, Java-based logging utility widely used by enterprise applications and cloud services. This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to organizations given its broad use. We are seeing an increase of attempts to exploit the vulnerability coming from locations outside the United States.
What we are doing: NHNHRMC activated an Incident Response team on Friday, Dec. 10. The teams have implemented several counter measures to reduce the risk to the organization including escalating with our Security Partners (Rapid 7 and Crowdstrike) and vendors. In an effort to prevent exploits of this vulnerability, we are implementing a security rule to block traffic from locations outside the United States unless we are aware and have verified the connections.
How you can help: If any of your vendors report any issues attempting to connect to our network, please call our Help Desk at 910-667-7855 to report the issue and this will be escalated to the Incident Response team.
More information about this threat can be viewed here: