Cyber Advisors Apache Log4j Recommendations and Services Package
Kate Drankoff 12/27/2021
1 Minutes

Cyber Advisors Inc. has created a list of recommendations and a services package in response to Log4Shell vulnerability, that affects a significant number of systems and applications:

  1. Discover all internal assets that use the Log4j library. Clients should review the affected system's database to identify vulnerable applications and systems.  If the affected product is in one's environment, we recommend applying patches (testing them in a lower environment, if possible) and/or contacting the vendor for patches. Not all vendors will be able to quickly turn around patches to address zero-days, in these cases we recommend being consistent with communications for updates on patch releases and workarounds.

  2. Discover all internet-facing assets that allow data inputs and use Log4j Java library anywhere in the stack. Cyber Advisors Inc.’s Security Department is offering to conduct several specialized external scans to report if there are services behind current defense system that can be visible to hackers outside of your network. Cyber Advisors Inc. combined these external scans in one package at a cost of $995.00. An outcome of this scan is a detailed report and recommendations tailored to your environment.

  3. Assume compromise, identify common post-exploitation sources and activity, and hunt for signs of malicious activity.

  4. Update or isolate affected assets. Continue monitoring the updates for the applications and systems that exist within your network. This list is being updated and recommended to be monitored: (

If there is an interest in the external scans offered by Cyber Advisors Inc., please forward this email to with your contact information to initiate the scheduling process.

Related Posts

It is a long established fact that a reader will be distracted by the readable content of a page when looking at its layout.

Kate Drankoff 18 January, 2022

Cyber Thursday: Cyber Advisors Security Updates January 2022

Tune in as our team of security expects dive into critical information you need to know. We're…

Kate Drankoff 23 December, 2021

Apache Log4j

Two Common Vulnerability and Exposures (CVEs) were released for Apache Log4j on December 10th,…