Executive summary \r\n A critical remote code-execution vulnerability ( CVE-2021-44228 ) has been publicly disclosed in Log4j , an open-source logging utility that’s used widely in applications, including many by large enterprise organizations.  \r\n The vulnerability allows threat actors to exfiltrate information from, and execute malicious code on, systems running applications that utilize the library by manipulating log messages. There are already reports of servers performing internet-wide scans in attempts to locate vulnerable servers, and our threat intelligence teams are seeing attempts to exploit this vulnerability at alarming volumes. Log4j is incorporated into many popular frameworks and many Java applications, making the impact widespread. \r\n Akamai’s extensive security suite, including Application and API Security solutions, Secure Internet Access Enterprise, and Guardicore Segmentation, is well positioned to help address this vulnerability in different ways.…