Cyber Advisors Inc. has created a list of recommendations and a services package in response to Log4Shell vulnerability, that affects a significant number of systems and applications:
Discover all internal assets that use the Log4j library. Clients should review the affected system's database to identify vulnerable applications and systems. If the affected product is in one's environment, we recommend applying patches (testing them in a lower environment, if possible) and/or contacting the vendor for patches. Not all vendors will be able to quickly turn around patches to address zero-days, in these cases we recommend being consistent with communications for updates on patch releases and workarounds.
Discover all internet-facing assets that allow data inputs and use Log4j Java library anywhere in the stack. Cyber Advisors Inc.’s Security Department is offering to conduct several specialized external scans to report if there are services behind current defense system that can be visible to hackers outside of your network. Cyber Advisors Inc. combined these external scans in one package at a cost of $995.00. An outcome of this scan is a detailed report and recommendations tailored to your environment.
Assume compromise, identify common post-exploitation sources and activity, and hunt for signs of malicious activity.
- Update or isolate affected assets. Continue monitoring the updates for the applications and systems that exist within your network. This list is being updated and recommended to be monitored: (https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md)
If there is an interest in the external scans offered by Cyber Advisors Inc., please forward this email to CyberSOC@cyberadvisors.com with your contact information to initiate the scheduling process.