Octopus Overlords

Damn you log4j. This was supposed to be a nice and slack week. easy easy, nobody at work, just watch some videos and eat christmas cookies. but noooo, somebody had to go and vulnerability the entire god damn internet, and now I have to work my ass off.

stupid hackers, we hates them.

It was this time last year I was wrapping up my job and retiring. I can't imagine getting hit with this now during the holidays. We have a few products that have log4j heavily embedded... my co-worker has basically shut everything down and will only run some services when using a VPN.

He said the only good thing that came out of this is: https://log4jmemes.com/

This would be me...

I’ve deployed updated war files twice in 3 days over this exploit. Thankfully, we’re moving away from deployments using log4j though, so it’s just some legacy systems.

It's a pain in the ass.

Yup, last week was supposed to be the quiet week, after the implementation freeze and before everyone started their vacations. Haha, nah, how about one of the biggest fire drills we have ever seen instead?

Jenkins was crying for mercy all week.

The good thing is we got to practice updating it multiple times. It has to be finally fixed now, right?

i remember using this in my Java certification class

The Apache library version that we use in our software is so old, it's actually not affected by the exploit. Win!

gilraen wrote: ↑Wed Dec 22, 2021 3:06 pm The Apache library version that we use in our software is so old, it's actually not affected by the exploit. Win!

hah same boat here.

Our linux guy is soaking that up.

We have found 30 + servers so far.

Jaymon wrote:Damn you log4j. This was supposed to be a nice and slack week. easy easy, nobody at work, just watch some videos and eat christmas cookies. but noooo, somebody had to go and vulnerability the entire god damn internet, and now I have to work my ass off.

stupid hackers, we hates them.

Last year it was the SolarWinds hack. The slack weeks around the holidays don't apply anymore.