CISA leaders describe ‘unprecedented’ collaborative effort to mitigate Log4jShell vulnerability

One month into the response to the Log4jShell software vulnerability, CISA Director Jen Easterly and executive assistant director for cyber Eric Goldstein described an “unprecedented” effort to work with vendors, IT and OT system operators, and independent researchers to mitigate a threat that could eventually enable ransomware or other forms of nation-state cyber attacks.

Easterly and Goldstein, on a press call today, said security officials “have seen widespread” exploitation of the Log4jShell vulnerability in illicit crypto-mining operations and to “capture...