As if 2021 was not tough enough, the end of the year has caused another major shakedown in the business world. A critical vulnerability in Log4j, a popular Java-based logging utility, has left businesses and their date insecure. The new vulnerability has been named Log4Shell. Due to its functionality and open-source nature, Log4j is used in thousands of applications including products by Amazon, Apple, Microsoft, Twitter, and Samsung. It has already made headlines in major world media outlets including The Guardian, BBC, and Forbes, while security experts name it one of the worst vulnerabilities ever.
Log4Shell is reported to be actively exploited by hackers enabling them to breach affected systems, steal data, plant malware, and even take full control of the system. The public coverage only makes it worse as it draws criminals' attention to the vulnerability. Check Point reported a rapidly increasing number of 'mutations'—new ways to exploit the vulnerability. The company's specialists recorded more than 60 new variations in just one day.
While security companies are advising customers to install the latest versions of their software to protect against the vulnerability, it does not guarantee full safety. In fact, the problem will remain and a lot of work is required to eliminate it.
Luckily for HansaWorld customers, our products do not use Java and Log4j and are not affected by Log4Shell.
"From the very origin, we decided to avoid using third-party tools. Instead, we developed everything from scratch to achieve greater integration, enhanced security, and more effective product development. The situation with Log4j once again demonstrates that this was the right decision”, commented HansaWorld founder and CEO Karl Bohlin.
That alone does not make your system invincible though, it still can be penetrated from various angles: hosting, email clients, and web browsers to name a few. Therefore, we highly recommend using our safe hosting and email functionality to ensure the highest level of security.
Any questions? Feel free to contact your local representative for more information on how to maximise your business's security. Stay safe and secure!