The Cybersecurity and Infrastructure Security Agency (CISA) and its partners, through the Joint Cyber Defense Collaborative, are responding to active, widespread exploitation of a critical remote code execution (RCE) vulnerability in Apache’s Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell."
Log4j is very broadly used in a variety of consumer and enterprise services, websites, and applications—as well as in operational technology products—to log security and performance information. An unauthenticated remote actor could exploit this vulnerability to take control of an affected system.
For these vulnerabilities to be remediated in products and services that use affected versions of Log4j, the maintainers of those products and services must implement security updates.
In this webinar, we will discuss:
- What is Apache Log4j
- What is the threat and what it affects
- What OT systems are affected including SCADA, Historian or other plant floor systems
- Suggested actions to reduce your vulnerability
- Prevent & anticipate vulnerabilities in the future
- Solutions that can help including Moxa and Nozomi
Presenters:
Jack Nedelman
Business Development Manager at AutomaTech
Jack has been working with manufacturing and utility customers for over 25 years, both in technical and sales roles. Jack began in the Boston area with startups, commissioning, and automation support and batch, MES, and data collection for various systems and verticals.
Tom Jensen
Senior Solution Architect at AutomaTech
Tom has over 30 years of experience designing and specifying solutions for all aspects of manufacturing processes, specializing in Electrical Power and Controls Automation, data collection and analysis.
Alex Dumitrescu
Technical Sales Engineer at Nozomi Networks
Alex Dumitrescu is an avid technologist and entrepreneur that has spent 7 years within Industrial IoT and Cybersecurity. He is passionate about helping customers solve complex problems in the most effective ways.
Alexey Kleymenov
Senior Cyber Threat Analyst at Nozomi Networks
Alexey Kleymenov performs in-depth research for emerging threats and designs and develops threat intelligence infrastructure in his role at Nozomi Networks. He is passionate about reverse engineering, prototyping, process automation and research. His background includes 14+ years of practical experience with several anti-virus companies and he is a member of the (ISC)² organization.
Alexey is the author of the book “Mastering Malware Analysis: The complete malware analyst’s guide to combating malicious software, APT, cybercrime, and IoT attacks.”