15 December 2021
Critical Apache Log4j Remote Code Execution Vulnerability (Log4Shell)
On December 9, 2021, it was publicly reported that a new, critical vulnerability was identified impacting Apache Log4j utility (CVE-2021-44228). For additional details about this vulnerability, affected versions and solutions, please reference the Apache Logging Services alert.
As always, our priority at Yieldbroker is the security and integrity of our systems, data and customer data. Starting on Saturday, we began reviewing and have continued to monitor our systems. At this stage we have no evidence of our systems being compromised by the Log4j vulnerability.
Based on the threat intelligence and as the situation evolves, we will continue to assess the impact on Yieldbroker systems and remediate or mitigate, as required. Appropriate remediation, mitigation, and testing is in progress.
Here is a quick summary of the actions taken by the Yieldbroker Infrastructure, Market Operations and Software Development teams and what we know so far:
- Yieldbroker has in place proactive detection and blocking capabilities. For example, Palo Alto (the Yieldbroker firewall) and other tools are already identifying and blocking any attempted external attacks
- Via our vendor management process, we have requested information regarding remediation activities and impact statements from our key third-party suppliers. None of our vendors have been identified as vulnerable and/or have advised of any impact
- Core systems have been assessed and, where required, appropriate mitigation or remediation has already been implemented
- On Wednesday 22 December we upgraded Log4J in all applications to the latest version i.e. 2.17
- Production and other platform environments are protected, as is the Yieldbroker website
- Yieldbroker engages a third-party vendor to undertake vulnerability scans of our internet-facing network. No Log4j vulnerabilities have been reported.
- Crowdstrike’s Overwatch continuously monitors Yieldbroker’s network (24/7) to detect any suspicious activity related to the vulnerability with Apache Log4j
Yieldbroker uses a vulnerability and patch management tool called Tenable. Tenable has released a plug-in for Log4j and we are currently scanning our infrastructure to identify any vulnerabilities.
Please direct any questions you may have to the Helpdesk.
Phone (within Australia): 1800 220 550
International: +61 2 9994 2890
London Desk: +44 203 769 0355