Many people dream of becoming entrepreneurs, and often the biggest...
Letting technology do the heavy lifting for certain monotonous tasks...
Human Resources (HR) might feel like an afterthought...
January 13, 2022
Check Point Research identified a whopping 50% uptick in weekly cybersecurity attacks on business networks in the fourth quarter of 2021 versus 2020, a figure the cybersecurity firm said was exacerbated by the Log4j vulnerability discovered in December.
Log4j is a popular open-source Java logging library developed by the Apache Software Foundation. It is used by developers to record what happens in their software applications or online services. A software vulnerability in Log4j, disclosed in December and also known as Log4Shell, has gained broad attention for posing a severe risk to millions of applications and devices across the globe.
Microsoft reports that Log4Shell can be used to break into systems, steal passwords and logins, extract data and infect networks with malicious software. Enterprise software developer Red Hat assigned Log4Shell a 9.8 severity score out of possible 10 on the Common Vulnerability Scoring System, while the National Institute of Standards and Technology rated Log4Shell its highest severity score, 10.
Security experts warn that attackers are making hundreds of thousands of attempts to find vulnerable devices. Any device with internet access is at risk if it’s running open-source logging Log4j library, version 2.0 to 2.14.1.
Although the Log4j library is used worldwide in millions of software applications and online services, it makes systems vulnerable by allowing attackers to execute code remotely on a target computer to spread malware, steal data and take control.
Minecraft servers were the first to face Log4j exploitation via a malicious string entered through its chat box. Malignant text entered in the username box on web applications, like Apple iCloud, can also lead to compromise. Although fixes have been issued, organizations still need time to identify exploited areas or potential threats and implement the measures.
Several national cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency and the UK’s National Cyber Security Centre, have issued warnings to take immediate measures against the Log4j vulnerability.
“We will only minimize potential impacts through collaborative efforts between government and the private sector,” said CISA Director Jen Easterly. “We urge all organizations to join us in this essential effort and take action.”
Measures undertaken by major tech firms to detect, mitigate Log4J vulnerability:
1. NCC Group offers paid tools for businesses to test Log4j vulnerability. 2. Microsoft released guidance on preventing and detecting Log4j exploitation. 3. IBM issued guidance for its customers. 4. Oracle issued a patch to avoid Log4j exploitation. 5. Amazon web services announced it is working on patching services. 6. Cisco released rules to detect exploitation and patches for its affected products.
Any organization affected by the Log4Shell flaw should upgrade Log4j to version 2.16.0, which Apache released on Dec. 13.
Our team is made up of seasoned professionals who bring years of industry experience to the table. You gain a trusted advisor who understands your business inside out.
Say goodbye to the hassles of hiring, training and managing in-house finance teams. You will never have to worry about unexpected leave of absence or retraining new employees.
Whether you’re a small business or a global powerhouse, our solutions scale with your needs. We eliminate inefficiencies, reduce costs and help you focus on growing your business.
Human Resources (HR) might feel like an afterthought for many small business owners juggling day-to-day demands, yet it has a...
Artificial intelligence (AI) isn’t just for tech giants anymore—it’s increasingly accessible to small and mid-sized businesses seeking a competitive edge...
Setting up a payroll system is an essential step that helps small business owners pay their employees accurately and on...
While small businesses must handle day-to-day tasks—like managing payroll or closing monthly books—long-term planning is the compass that keeps them...
Benefits administration can be a game-changer for small businesses aiming to attract and retain top talent. While salaries remain an...
Choosing the right accounting method can significantly impact how you track financial performance, manage taxes, and plan growth. Two common...
Bootstrapping—financing growth through internal cash flow—is a hallmark of many successful startups. But as businesses mature past their initial stage,...
In today’s business landscape, technology is more than a convenience—it’s a strategic asset that can supercharge growth. But as you...