Week in Review 2021-12-10....err 2021-12-16

I started writing this on Friday the 10th, but am just now posting, because…

πŸ”’ The Log4j issue is really bad. Security and engineering teams are scrambling to protect against attacks. The best teams started last week or weekend, but many organizations waited until Monday or later to get going. The vulnerability is once again hitting the hard problems of inventory management, 3rd-party software component management, and vendor management. I don’t think I’ve seen something this bad in 20 years of being a security practitioner. The vulnerability is easy to exploit, has the worst kind of impact (it runs the attacker’s code), and is present in many common technologies. In addition, there have been several follow-on problems identified, such as additional attacks, or weaknesses in the fixes for the attack! If you’d like a laugh instead of cry, check log4j memes.

⚽️ After a really great start to the Premiere League (where they were recently top of the table) and Champions League (where they are reigning champions), Chelsea are leaking goals and struggling at this point in the seasons. 3-3 vs. Zenit in the CL means they take 2nd spot (below Juventus), but are on to the round of 16 and matched up with Lille. They got a little lucky in the Leeds PL game to win 3-2, but tied 1-1 in what should have been an easy win at home against Everton.

πŸ›© I recently had my 2nd business travel since “the beforetimes”. I tested when I got back and am luckily safe. I welcomed my new team members (direct and indirect reports) and honed 2022 strategy with the leaders on my team. It was good getting people together, but still feels a little strange getting back to it! In other work news, I also got the promotion I had been hoping for, bringing me to only 1 to 2 levels below my internal customers and working peers πŸ˜†. (Outside my team, I primarily work with SVPs and VPs, and am now an AVP.) Joking aside, I am thankful for the support of my leaders, who have shown trust in me and helped find funding and assistance for the important initiatives I’ve been pushing.

πŸ“š My spouse and I registered for a new library. To be honest, we mostly did it to have another library in Libby/Overdive, but it turns out the library is lovely, too. There’s no public funding in the town for a library and kids had to pay high fees to get access to a library in one of the neighboring towns. So, one family donated the land, funds for the building, and funds for the initial collection of materials. The library stays afloat with donations and a modest yearly fee for patrons. We were charmed by the library, especially their themed puzzle 🧩 collection that you can borrow like books!

πŸŒŸπŸŽ„ I’m looking forward to a break, soon. We’ll be hosting my spouse’s side of the family, again. All (who can be) are vaccinated (and boosted) and we will be testing before we get together. We have folks with compromised immune systems and/or who are too young to be vaccinated, but we are being safe for each other. We’re very much looking forward to time together, as there has been so little of that in the last two years.

✍️ Reply by email

Comments
✴️ Also on Micro.blog

About

Congratulations! You've found my personal blog. Take a look around and you'll find commentary, wisecracks, reviews, recommendations, reflections, quotes, and questions. Contact me and let's grow wiser, together.

Learn More

Subscribe to the newsletter

Elsewhere: RSS, Twitter, Instagram

Latest Asides

Glad we decided to call it simply β€œHeron Haven”, because even though we’ve had tons of Great Blue Heron activity, we’re now seeing the smaller Green Heron quite a bit, too πŸ”Ž

Security birb

🎢 How am I just now learning about Kardashev? video

Mulberries are coming in heavy right now.

Many more to pick, if you want to.

Sunday Quote πŸ“‘