On December 9th 2021, the Apache Log4j project disclosed a zero day vulnerability that affects Log4j. This vulnerability is also known as Log4Shell.
If this vulnerability exists in a service and is exploited by hackers, it could allow hackers to execute code on the affected servers and essentially gain remote operation of them.
Upon learning of this exploit, Rhombus took immediate action to see if any of its services used Log4j. Our analysis over the last few days found the following:
Rhombus Systems services do not use Log4j for logging. Our analysis confirms that:
This means that the following products and components were NOT affected:
One AWS Service (OpenSearch) used by Rhombus was running the vulnerable version of Log4j.
One third-party party software (Flink) uses Log4j, but not the affected version.
No. Rhombus users can continue to use the Rhombus platform as usual. All patches will be automatically applied to all Rhombus devices remotely.
The Rhombus Security team will continue to evaluate our services and our vendors for any potential exposure to this vulnerability. We’ll provide any updates directly to this blog post if we discover any other risks.
Cybersecurity is becoming an increasing priority for enterprise organizations. Because cybersecurity deals with data, privacy, and security, organizations today are finding that cybersecurity and physical security—especially video surveillance—are unavoidably linked. But what exactly do you need to worry about when it comes to cybersecurity and video surveillance? How can you protect your video security system against breaches and cyberattacks? How do you know that the data privacy of your employees, customers, and more is secure? This guide will help you understand what good cybersecurity standards and practices look like in a video security context. You’ll learn what best practices you personally can follow, and what best practices you should look for in a vendor.
Many CJIS-compliant organizations wonder how video surveillance fits into their security policies. Security cameras help criminal justice organizations secure their facilities and protect employees. However, it’s crucial to maintain CJIS compliance to protect Criminal Justice Information (CJI) while using a video security solution. In this article, you’ll learn how to use security cameras in a CJIS-compliant way, and how you can use video surveillance to strengthen overall CJIS compliance throughout your entire organization.
Organizations in every industry use video surveillance to make decisions that affect the safety of their facilities, employees, visitors, and more. If you use IP security cameras for live monitoring, it’s especially important that footage has low latency and it is as accurate and up to date as possible. But what is considered ‘good’ or ‘bad’ latency when it comes to video surveillance? How does being in ‘the cloud’ affect it? This post will explore the differences between low latency, ultra-low latency, and real-time streaming. We’ll talk about what you actually need for your video security system, and how you can achieve ultra-low latency and real-time streaming.