The past 2-weeks have been pretty crazy for those in the security industry. The Log4j vulnerability has broad-reaching impact. Scott Crawford, Head of Research at 451 had a good post on LinkedIn. Here's an excerpt.
Last December, the technology world was shaken by one of the most wide-ranging attack campaigns to date. A year almost to the day later, it’s now racing to remediate one of the most pervasive vulnerabilities ever seen. In between, a continuing series of high-profile incidents have accelerated the valuation of a number of cybersecurity technology providers to stratospheric heights. What more could 2022 possibly bring?
The vuln is going to be a part of the narrative for months to come. People will be sitting around lobbycon's of security conferences for years talking about their Log4j war stories.
I saw a tweet from friend and hacker, d0nut, on twitter.
Which inspired me to create "The 7 Stages of DevSecOps 0-day Grief" and tweet it. Much of humor is based in some pain or truth. Enjoy and, thanks to the blue teamers securing our world. 👊