If you've been seeing articles like this and you're wondering what #Log4j is all about, we can help.
📖 (1/8)
📖 (1/8)
https://twitter.com/Independent/status/1470654959528161281
❓ First up, what is #Log4j?
🌍 It's a potentially Internet-wide security flaw which has the potential to affect many of the devices and services we use online every day.
(2/8)
🌍 It's a potentially Internet-wide security flaw which has the potential to affect many of the devices and services we use online every day.
(2/8)
⏲️ Let's take a step back.
🖥️ Modern software can be large, powerful and complex. It's increasingly made out of 'building blocks': rather than teams writing new code every time, they often use existing code to speed things up.
#Log4j is one of those 'building blocks'.
(3/8)
🖥️ Modern software can be large, powerful and complex. It's increasingly made out of 'building blocks': rather than teams writing new code every time, they often use existing code to speed things up.
#Log4j is one of those 'building blocks'.
(3/8)
🔽 #Log4j is used by developers to keep track of what happens in their software applications.
It's basically a huge journal of an individual's visit: this activity is called 'logging' and is used by developers to keep an eye on any problems.
(4/8)
It's basically a huge journal of an individual's visit: this activity is called 'logging' and is used by developers to keep an eye on any problems.
(4/8)
❓ What's the issue?
🔓 Last week, versions of #Log4j were found to have a critical vulnerability. If left unfixed, attackers can use it to break into networks and do things like steal data and infect networks.
The fact Log4j is used so widely is the issue.
(5/8)
🔓 Last week, versions of #Log4j were found to have a critical vulnerability. If left unfixed, attackers can use it to break into networks and do things like steal data and infect networks.
The fact Log4j is used so widely is the issue.
(5/8)
❓ I'm just an individual, should I be worried?
🔓 #Log4j is almost certainly part of the devices and services you use every day. The best thing you can do to protect yourself is to continue to make sure your devices and apps are up-to-date ⤵️
ncsc.gov.uk/collection/top…
(6/8)
🔓 #Log4j is almost certainly part of the devices and services you use every day. The best thing you can do to protect yourself is to continue to make sure your devices and apps are up-to-date ⤵️
ncsc.gov.uk/collection/top…
(6/8)
❓ What if I have a business or organisation?
🔓 What's tricky is that you might not immediately know if your web servers, applications, network devices and other software and hardware uses #Log4j.
This makes it all the more important you follow our advice⤵️
(7/8)
🔓 What's tricky is that you might not immediately know if your web servers, applications, network devices and other software and hardware uses #Log4j.
This makes it all the more important you follow our advice⤵️
(7/8)
We've updated our advice and guidance with:
❓ More information about #Log4j
🛡️ Priority actions to take to protect your networks
📦 NCSC services available to you
⚠️ How to report a compromise
ncsc.gov.uk/news/apache-lo…
(8/8)
❓ More information about #Log4j
🛡️ Priority actions to take to protect your networks
📦 NCSC services available to you
⚠️ How to report a compromise
ncsc.gov.uk/news/apache-lo…
(8/8)
• • •
Missing some Tweet in this thread? You can try to
force a refresh
