Follow our response to this incident here.
Attackers have started to exploit a vulnerability that affects a Java logging package. Log4j is used in a variety of software applications, and by a variety of software developers and manufacturers. Some of those include Apple, Twitter, Steam, Tesla, Apache, and the Minecraft video game.
What we have discovered so far:
- Approximately 75% of our vendors/partners have responded to our requests about their solutions vulnerability to the Log4j issue. All have responded with positive news, that this issue had either been dealt with (using a patch that was deployed within the past 24 hours) or a patch will be deployed in the near future.
- Some of our partners/vendors have responded that Log4j is not an issue for them.
Our next steps:
- CSC will continue to perform analysis of applications and continue to monitor this vulnerability.
- When any additional patches or updates are made available to us, we will update this site with the latest information and action taken.
What you should do:
- We offer a managed service solution called RemoteView Security (Cylance) that can help with your protection strategy.
- For additional information, please click the link: CISA.gov.
Customized Service Concepts is actively monitoring this vulnerability, and will provide updates through this page regularly.
Please reach out with any questions or concerns at firstname.lastname@example.org.
Thank you for your continued support.
18 Cote Ave Suite 13
Goffstown, NH 03045
51 Ozick Dr, Suite 101
Durham, CT 06422