[Security-Discuss] RBTC Q1 Security Talk Topics?

[Tom Casey]

T.Weeks,

 

Our incident response team has been pretty busy over the last few weeks helping customers with Log4j.  Maybe a perspective on what they have been seeing across our customer base and how they dealt with it would be helpful?

 

Just throwing it out there.

 

 

 

Tom Casey, Account Executive
O 804-767-2412M 703-989-0833
e tom.casey at guidepointsecurity.com

 

Confidentiality Notice: This communication constitutes an electronic communication within the meaning of the Electronic Communications Privacy Act, 18 U.S.C. Section 2510, and its disclosure is strictly limited to the recipient intended by the sender of this message. This transmission, and any attachments, may contain confidential information and work product(s). If you are not the intended recipient, any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. Please contact us immediately by return e-mail or call (877) 889-0132 option 5, and destroy the original transmission and its attachments without reading or saving in any manner.
 

 

From: Security-Discuss <security-discuss-bounces at lists.rbtc.tech> on behalf of "Weeks, Thomas" <t.weeks at vt.edu>
Date: Thursday, January 13, 2022 at 4:28 PM
To: "security-discuss at lists.rbtc.tech" <security-discuss at lists.rbtc.tech>
Subject: [Security-Discuss] RBTC Q1 Security Talk Topics?

 

 

 

Hey all..

 

Hope you had a great Holiday break. Most of us are back now.. and getting settled back into things.

 

As such, I had been thinking about our RBTC security topic for Q1.. and the only thing on my mind right now is Log4J.. especially with its estimated impact on "hundreds of millions of devices"[1]Beyond patching your kid's Minecraft clients and servers.. on the Enterprise, business, or campus sides of things.. How to find all your systems running java/log4j (especially for hidden or embedded systems), and various patching strategies (or stories).. especially for those relying on third parties to provide patches (e.g. network devices, etc).

 

Thoughts?

 

Do any of you manage affected systems?

Did you have any big audit/scanning for affected systems?

What was your patching strategy?

 

Do you think there are any better or more timely topics?

 

 

[1] - https://www.wired.com/story/lo4j-ftc-vulnerability/ [wired.com]

 

-- 

T.Weeks

_______________________________________________ Security-Discuss mailing list Security-Discuss at lists.rbtc.tech https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.rbtc.tech_mailman_listinfo_security-2Ddiscuss&d=DwIGaQ&c=cehHn3YFTvbeqmBOizlVwndgdnPducYBouAyYX7fXYg&r=Kf5RBswNMWU0qgnhv-jum_IwioCzbHpyt-zOC4z_r4yBHb_cYw_XdWTbgZTnSI1i&m=4ijxacH7Jr4D3t7njvHSErnTrIvSTAMFv4aus3XJ-wEdaI9ZM9TW5LU2A-NmrlBd&s=B2msiASIoh0gHv-QOSTnsq41h5DcP4xsoQean9PUxvg&e= 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rbtc.tech/pipermail/security-discuss/attachments/20220114/606d8df0/attachment.html>