CMMC Updates December 2021

Share This Post:

2021 was a big year for CMMC. Learn what news came out in December.

As many have seen, the Log4Shell vulnerability is an extremely serious flaw and will likely impact organizations for years to come. It’s difficult to detect, used in countless software and is the perfect vehicle to get malware into your network. And unfortunately for businesses across the globe, there is no one cyber tool that can protect your enterprise against Log4Shell.
Congressional auditors point to challenges ahead for Pentagon’s CMMC program
The Government Accountability Office found numerous problems with the Pentagon’s first instantiation of the Cybersecurity Maturity Model Certification program, pointing to challenges ahead as the Defense Department overhauls its plan to ensure contractors have adequate cybersecurity.
Blumira research team has discovered an alternative attack vector in the Log4j vulnerability that relies on a basic Javascript WebSocket connection to trigger the RCE locally via drive-by compromise.

More from the blog

Learn More About Upcoming Events