



If you haven’t scrutinized your servers and security systems lately, it’s wise to do so as soon as possible. Members of Alibaba’s cloud security team have discovered a dangerous vulnerability called Log4Shell. This affects iCloud, Steam, Minecraft and more, and more generally poses a serious threat to your business.

This vulnerability, unearthed in the open source logging Log4j library, has sent scrambling to the Internet over the last few days, given how widespread the library is and how easily security vulnerabilities can be exploited. This bug allows hackers to take advantage of computer systems that can spread malware or steal data.

“It’s hard to think of a company that isn’t at risk,” Joe Sullivan, chief security officer for website security company Cloudfare, told The Associated Press. According to computer security researcher and white hacker Marcus Hutchins, this vulnerability is “very bad.” Especially because millions of applications use Log4j. Hutchins are known for their role in stopping 2017 WannaCry ransomware attacks.

If you are running the affected version of Log4j, most devices that have access to the Internet are at risk of threats. Minecraft was one of the first places to introduce this flaw. Hutchins explained on Twitter that after a Minecraft user sent a short message to a chat box, the code was now executed remotely on the game’s server.

In a recent statement, GenEastery, director of cybersecurity and infrastructure security agencies, said all organizations need to upgrade to log4j version 2.15.0 or apply appropriate vendor-recommended mitigations immediately. There is. “

Cybersecurity is a unique issue for small businesses, especially as many feel that they do not have the right equipment to tackle cyber threats head-on. In addition, you are more likely to succumb to an attack than a large company. According to Verizon’s Annual Data Fraud Investigation Report, in 2021, companies with less than 1,000 employees reported 1,037 incidents and confirmed 263 data disclosures. Meanwhile, 819 incidents and 307 data disclosures were reported by more than 1,000 companies.

Malware, viruses, ransomware and phishing are one of the more common threats. The first step in fighting them is to make sure your security prevention system is up to date. Stocking the data you hold is a common best practice, as well as knowing who can access what data.

And of course, it’s also important to keep your team up to date with timely training. After all, businesses are powerful only as their weakest links-and all you need is one click because things go wrong.

