As a data and security professional, you were probably affected by the latest zero-day exploit (CVE-2021-44228) targeting the Apache Log4j logging library (Log4Shell).
This logging library is commonly used by enterprise apps and cloud services, with many enterprise deployments supporting private apps. Apache has since released a security update and provided recommended configurations for earlier versions that mitigates the vulnerability's impact. However, we strongly encourage all IT admins to update their software immediately if you haven't already done so.
Update on December 14, 2021: A second Log4j vulnerability was just discovered, and a patch was released already.
Here's a quick cheat sheet list of links to help you in your continued endeavors.
And here is what some of our technology partners are suggesting:
1. LogRhythm's blog on the vulnerability
2. Splunk's blog updates for Log4j
3. Microsoft's blog on all things Log4j
4. Snowflake was not impacted by by the vulnerability
5. Google Cloud Armor WAF rule to help mitigate Apache Log4j vulnerability and it's Log4j advisory page