Apache Log4j Vulnerability

Since the 9th of December 2021, SABRIC’s member banks have been actively responding to the globally reported remote code vulnerability in the Apache Log4j 2 Java software, also known as Log4Shell (or LogJam), that can allow someone to take control of java-based web servers and launch remote code attacks.

“The banking sector’s computer security incident response team, or CSIRT, is pro-actively monitoring the situation as banks investigate and take action.” says SABRIC CEO, Nischal Mewalall

Mewalall added that thus far, no compromises in customer data, applications and systems have been reported.

SABRIC recommends that organisations running Apache Log4j, urgently take the following actions:

• Check for vulnerable versions of Apache Log4j in your environments and applications,
• Implement the latest patch to production environments as soon as possible,
• Monitor security bulletins and
• Monitor for vendor patches as they become available.


To arrange interviews with SABRIC CEO, Nischal Mewalall, please click HERE.