Control Risks’ response to Log4J vulnerability
Following identification of the Log4J vulnerability, Control Risks has not detected any indications that our systems have been compromised, nor any evidence of malicious activity. We have acted swiftly to protect clients, critical services and applications through the following actions:
- Our web application firewall has been updated to prevent the exploitation of the remote code execution (RCE) of Log4J
- Third-party patches are being applied upon release
- Enhanced detection protocols have been configured
- Our 24/7 incident response has been heightened to ensure any attempts to exploit the vulnerability are identified and contained
The security of the information we hold is of the utmost importance to us, and we continue to be vigilant and proactive in protecting our systems and client data.