Blumira Resources & Blog

Log4Shell Alternative Trigger: What You Should Know

Written by Erica Mixon | Dec 16, 2021 8:29:03 PM

Blumira has discovered an alternative attack vector in the Log4j vulnerability that relies on a basic Javascript WebSocket connection to trigger the RCE locally via drive-by compromise. But what does this mean, exactly, and how can you mitigate the impact? 

In this livestream, join Blumira’s Matthew Warner, CTO and Co-Founder, who discovered this attack vector. He’ll discuss what he knows about this important update and explain his process of making this new discovery. You’ll learn:

  • How this widens the attack surface associated with Log4Shell
  • The challenges associated with detecting WebSocket connections
  • Practical solutions about how to mitigate your impact  

This interactive, conversational-style session encourages questions and engagement with viewers – so sign up today for access to our security experts.

Participants

Matthew Warner, CTO and Co-Founder, Blumira

Matt is CTO and Co-Founder of Blumira, a leading cybersecurity provider of automated threat detection and response technology. At Blumira, he leads the security and engineering efforts to provide actionable insights into cybersecurity risks at scale. Matt has over 10 years of experience in IT and development, focusing on business strategy, development, compliance, threat detection and penetration testing. Previously, he was Director of Security Services, Development & Security at NetWorks Group, responsible for defensive information security and services.