Cyber Advisors Apache Log4j Recommendations and Services Package

Posted by Kate Drankoff on Dec 27, 2021 9:33:17 AM

Cyber Advisors Inc. has created a list of recommendations and a services package in response to Log4Shell vulnerability, that affects a significant number of systems and applications:

  1. Discover all internal assets that use the Log4j library. Clients should review the affected system's database to identify vulnerable applications and systems.  If the affected product is in one's environment, we recommend applying patches (testing them in a lower environment, if possible) and/or contacting the vendor for patches. Not all vendors will be able to quickly turn around patches to address zero-days, in these cases we recommend being consistent with communications for updates on patch releases and workarounds.

  2. Discover all internet-facing assets that allow data inputs and use Log4j Java library anywhere in the stack. Cyber Advisors Inc.’s Security Department is offering to conduct several specialized external scans to report if there are services behind current defense system that can be visible to hackers outside of your network. Cyber Advisors Inc. combined these external scans in one package at a cost of $995.00. An outcome of this scan is a detailed report and recommendations tailored to your environment.

  3. Assume compromise, identify common post-exploitation sources and activity, and hunt for signs of malicious activity.

  4. Update or isolate affected assets. Continue monitoring the updates for the applications and systems that exist within your network. This list is being updated and recommended to be monitored: (https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md)

If there is an interest in the external scans offered by Cyber Advisors Inc., please forward this email to CyberSOC@cyberadvisors.com with your contact information to initiate the scheduling process.

Topics: security, MSP, Log4j

About this blog

Welcome to the Cyber Advisors Blog.  Please take a moment to read through our content.  If you would like more information on any of these topics, simply reach out to us via contact information below.  If you find our content valuable, please subscribe.  

 

 
 
Would you like to hear from us? Click Below!
Learn More

Subscribe Here!

Recent Posts

Posts by Tag

See all