Categories
Event Marketing and Sponsorships

Log4J (Log4Shell): Mitigating the Impact on Your Organization [Video]

At midnight last Thursday, we experienced one of the most notable infosec events in years. A new zero-day exploit in a popular logging package for Java, Log4j, was discovered. The exact origin and timeline are still being investigated, but it’s important to note that this was not just a vulnerability announcement. The information disclosed was rapidly followed by fully functional exploit code—and the exploit itself turned out to be trivial to execute.

Over 3 billion devices run Java, and because there are only a handful of logging libraries, many of them are likely to run Log4j. Worse still, many internet-exposed target applications can be exploited by external users without authentication. And unlike some other notable open source vulnerabilities, such as the infamous Heartbleed or the recently disclosed Trojan Source, in this case no prior coordination took place “behind the scenes” to ensure that users had adequate time to plan their response.Putting aside the deconstruction of the …

Watch/Read More