Jason Neidecker, Katie Alvarez, Michael Stair, and Tony Tortorici of the AT&T Chief Security Office look back at the Log4J vulnerability and discuss lessons learned about how to respond to incidents like this in the future.
Resources:
https://msrc-blog.microsoft.com/ (Microsoft security blog for Azure impacts)
https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance (CISA)
https://logging.apache.org/log4j/2.x/security.html (Apache)
Originally recorded on March 29, 2022.
AT&T ThreatTraq welcomes your e-mail questions and feedback at attthreattraq@list.att.com