[Security-Discuss] RBTC Q1 Security Talk Topics?

Thomas Tweeks Weeks tom at theweeks.org
Thu Jan 13 18:17:54 EST 2022


Hey all..

Hope you had a great Holiday break. Most of us are back now.. and getting settled back into things.
As such, I had been thinking about our RBTC security topic for Q1.. and the only thing on my (and many others) mind right now security wise is Log4J.. especially with its estimated impact on "hundreds of millions of devices"[1]Beyond patching your kid's Minecraft clients and servers.. on the Enterprise, business, or campus sides of things.. How to find all your systems running java/log4j (especially for hidden or embedded systems), and various patching strategies (or stories).. especially for those relying on third parties to provide patches (e.g. network devices, etc).
Thoughts?
Do any of you manage affected systems?
Did you have any big audit/scanning for affected systems?
What was your patching strategy?
Do you think there are any better or more timely topics?
[1] - [ https://www.wired.com/story/lo4j-ftc-vulnerability/ ]( https://www.wired.com/story/lo4j-ftc-vulnerability/ )



-- 
T.Weeks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rbtc.tech/pipermail/security-discuss/attachments/20220113/69d07284/attachment.html>


More information about the Security-Discuss mailing list