Blog

Quick updates

The explosions at the Nord Stream 1 and 2 gas pipelines in 2022 starkly highlighted the vulnerability of our underwater infrastructure. In addition to pipelines essential for energy supply, digital infrastructure is increasingly seen as a potential target for sabotage. Experts warn that digital infrastructure, such as undersea data cables, is a critical and vulnerable part of our modern society. Read more

NIS2 is the next major regulation after GDPR and NIS(1) that organizations need to contend with. Our goal is to shed light on this new directive with a realistic perspective, to determine its applicability to our average SME customer, and to explore how we can assist in compliance. Read more

The holiday season often brings the joy of unwrapping new gadgets, and one exciting addition could be a shiny new smartphone. However, before you bid farewell to your trusted old device, it's crucial to ensure a smooth transition, especially regarding your Multi-Factor Authentication (MFA) profiles. Read more

We start with the conclusion of this article because we cannot emphasize it enough. But, of course, we want you to stay interested and keep on reading. That is why we already reveal that we will provide you with a clear and comprehensible overview of the different forms of social engineering. We will also explain how you can minimize the risks for your company as much as possible. Read more

The leak in Log4j explained

Log4j leak explained
IT & telecom news

The leak in Log4j explained

As you may have heard from the press, a security issue was recently found through the widely used application named “Apache Log4j”. “Apache Log4j” is a supporting application mainly used by programs that use a web browser (Chrome, Edge Internet Explorer…) as well as public websites.

What’s the problem?

The vulnerability in the open source tool Apache Log4j 2 makes it possible to remotely inject and execute arbitrary code with the permissions of the respective Java application. The vulnerability is labeled CVE-2021-44228 and is also known as Log4Shell.

What must be done to avoid security problems?

Apache, the software supplier that manages this (helper) application, has meanwhile released an update for the Log4j tool (v2.15.0). It is therefore of the utmost importance to have it installed or have it installed quickly.
Several other software vendors that use this Log4j technology have already released updates. So be sure to ask your (software) supplier(s) if this applies.

At K-Force, we have already proactively checked our own programs and checked our customers (websites) with managed services. So far, no problems or risks have been identified here and according to the information we currently have, everything is properly secured.

Questions?

Of course you can always contact us for all your further questions regarding this subject. The quickest way to do this is by sending an e-mail with a clear question to info@k-force.be.

How can we help? Get in touch with our experts.

Enter your details and we will contact you as soon as possible.


    We value your privacy and we only use the information you entered here in order to reply you.

    Or call us now!

    We are happy to discuss your project, in person or via video call. Request a free consult with one of our IT or telecom experts to get to know each other and to look into your particular situation.