Cyber Advisors Inc. has created a list of recommendations and a services package in response to Log4Shell vulnerability, that affects a significant number of systems and applications:
Discover all internal assets that use the Log4j library. Clients should review the affected system's database to identify vulnerable applications and systems. If the affected product is in one's environment, we recommend applying patches (testing them in a lower environment, if possible) and/or contacting the vendor for patches. Not all vendors will be able to quickly turn around patches to address zero-days, in these cases we recommend being consistent with communications for updates on patch releases and workarounds.
Discover all internet-facing assets that allow data inputs and use Log4j Java library anywhere in the stack. Cyber Advisors Inc.’s Security Department is offering to conduct several specialized external scans to report if there are services behind current defense system that can be visible to hackers outside of your network. Cyber Advisors Inc. combined these external scans in one package at a cost of $995.00. An outcome of this scan is a detailed report and recommendations tailored to your environment.
Assume compromise, identify common post-exploitation sources and activity, and hunt for signs of malicious activity.
If there is an interest in the external scans offered by Cyber Advisors Inc., please forward this email to CyberSOC@cyberadvisors.com with your contact information to initiate the scheduling process.