Hanyani Makumbani, Discovery

Even today, the word Log4j can strike fear into the stoutest of hearts. This was a common Java logging tool made available as part of the Apache Software Foundation. On December 9, 2021, a zero-day vulnerability was found in Log4j, and given the name Log4Shell by the sharp-eyed Alibaba Cloud security team. The cyber firm Tenable was quoted as saying it was the “single biggest, most critical vulnerability of the last decade”. A new version was rushed out in three days.

Brainstorm: How did you manage during the period when Log4J hit?