[Security-Discuss] RBTC Q1 Security Talk Topics?
Weeks, Thomas
t.weeks at vt.edu
Mon Jan 10 11:21:58 EST 2022
Hey all..
Hope you had a great Holiday break. Most of us are back now.. and getting settled back into things.
As such, I had been thinking about our RBTC security topic for Q1.. and the only thing on my mind right now is Log4J.. especially with its estimated impact on "hundreds of millions of devices"[1]Beyond patching your kid's Minecraft clients and servers.. on the Enterprise, business, or campus sides of things.. How to find all your systems running java/log4j (especially for hidden or embedded systems), and various patching strategies (or stories).. especially for those relying on third parties to provide patches (e.g. network devices, etc).
Thoughts?
Do any of you manage affected systems?
Did you have any big audit/scanning for affected systems?
What was your patching strategy?
Do you think there are any better or more timely topics?
[1] - https://www.wired.com/story/lo4j-ftc-vulnerability/
--
T.Weeks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rbtc.tech/pipermail/security-discuss/attachments/20220110/2f407cd0/attachment.html>
More information about the Security-Discuss
mailing list