An Apache software vulnerability that affects a Java logging package known as Log4j puts Managed Service Providers, Managed Security Service Provider, and especially their clients at risk.  These vulnerabilities, being exploited as “Log4Shell” attacks are extremely dangerous.  In response, the CISA provided the following guidance. Additionally, technicians at Cybereason have developed and released a Log4j vaccine fix that “requires only basic Java skills to implement and is freely available to any organization” the company says. For more information on how BW Cyber Services can assist you, please contact us at