A Remote Code Execution (RCE) vulnerability in the popular log4j library was published yesterday.
While any RCE vulnerability sounds bad, this one is particularly nasty because it affects absolutely any application (server and client-side) that uses a vulnerable version of the log4j library.
Recognizing the significance of this exploit, SANS Instructors Dr. Johannes Ullrich, Bojan Zdrnja, and Mick Douglas teamed up to do an URGENT live stream on Monday, December 13 to share the details they had learned about the exploitation, but also how to detect the attack as well as protect environments from it.
As this is a topic that's creating lots of buzz, we've embedded the live stream recording below. And you can download a copy of the presentation slides here.