Dresner Group Blog

Our technology blogs feature IT tips and best practices for businesses in Columbia, Baltimore, Bel Air and in and about Maryland since 2002.

WARNING: Widespread Log4j Vulnerability is a Massive Danger to Businesses

WARNING: Widespread Log4j Vulnerability is a Massive Danger to Businesses

Before this week, you probably never heard about Log4j. Right now, though, it’s the biggest topic in cybersecurity due to a massive vulnerability that is estimated to affect millions of devices. Your business needs to take this seriously.

What is Log4j?

Without getting too deep into the roots, when developers create software and applications, they rely on different programming languages. For instance, Java has been a common programming language since the early 90s. Java contains libraries that developers can utilize, and one of these libraries, known as Log4j, was recently discovered to have a major vulnerability in it. This vulnerability has been around for years, but now that it is out in the open, cybercriminals are likely to take advantage of it to steal data and infiltrate networks.

The scope of this is huge. The vulnerability impacts some common names in the technology world, such as:

  • Amazon
  • Apple
  • Cisco
  • Fortinet
  • Google
  • IBM
  • Microsoft
  • SonicWall
  • Sophos
  • VMware

…as well as others, large and small. Even the United States’ Cybersecurity and Infrastructure Security Agency (CISA) is affected.

Does Log4j Affect My Business?

It’s pretty likely. Not to sound repetitive, but this is a major, major issue, and anyone using software or running a system with this vulnerability is putting themselves, their data, and their business at risk. It doesn’t just affect Microsoft and Apple, it affects all of us, because we all use Microsoft and Apple services.

How to Protect Yourself from the Log4j Vulnerability

For the most part, you need to rely on the security patches and updates your vendors provide for your software. Unless you develop your own applications, in which case then the onus is on you, you are at the mercy of your vendors.

Fortunately, most of the major vendors are scrambling to get security patches out. That said, it’s up to you to apply them. If you have software that is no longer receiving updates (such as older applications that have reached end-of-life, or have surpassed your license agreement), you’ll need to have someone determine if they utilize Log4j and come up with a game plan from there. Cases like this are going to get pretty hairy, so we suggest acting quickly.

Technology and the Internet are a Little Less Safe, so It’s Up to You to Protect Yourself

Since this vulnerability has such a wide impact, it really is up to you as an individual to make sure you are practicing good cybersecurity hygiene. Utilizing weak passwords like “123password” or using the same password across multiple accounts is a terrible, dangerous habit. You need to be using strong password best practices, such as:

  • Using a unique password for each account and website
  • Using a mix of alphanumeric characters and symbols
  • Using a sufficiently complex passcode to help with memorability without shorting your security
  • Keeping passwords to yourself

Let’s Audit your Technology ASAP

Don’t put your business at risk by ignoring the dangers of this vulnerability. You should have your network audited to ensure that everything on your network is thoroughly patched and determine if any systems are utilizing Log4j. It’s just a matter of time before we start seeing widespread exploitation of this vulnerability, so time is of the essence.

Give Dresner Group a call at (410) 531-6727 to schedule an appointment, even if you aren’t a client. This is very serious, and we don’t want to see local businesses struggle from this.

Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

IT Management’s Biggest Challenge can be Settled w...
Hackers Aren’t Always Thieves


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, 03 February 2023

Captcha Image

Client Service Login

Latest News & Events

This tournament is scheduled to be held Friday, June 10, 2022. The past six years have all been sold-out and this year is shaping up to be another one for the books you won't want to miss. 

Contact Us

Learn more about what Dresner Group can do for your business.

  • (410) 531-6727
  • 8600 Foundry Street, Suite 302
    Savage, Maryland 20763

Copyright Dresner Group. All Rights Reserved.