Two Common Vulnerability and Exposures (CVEs) were released for Apache Log4j on December 10th, 2021, and have dominated headlines in the Information Technology and Security industries. Log4j, a Java-based 'logging utility' within the Apache Logging Services, is embedded throughout widespread technologies and products depended on every day by businesses and consumers alike. The initial discovery stemmed from the popular video game, Minecraft. These particular CVEs are not only trivial to exploit, but are actively being exploited in the wild via a race condition and allow remote attackers to gain control of compromised systems.
Cyber Advisors Inc. has created a list of recommendations and a services package in response to Log4Shell vulnerability, that affects a significant number of systems and applications. More information can be found here.