They laughed, they cried, they tweeted.
It was one of those weekends for many in cybersecurity and IT as they canceled plans and responded to the log4j software vulnerability. A vulnerability may expose millions of networks to a simple to carry out cyberattack.
"IT security teams around the world have been burning midnight oil all weekend and will continue and this is not a weekend problem, this is a months and months from now problem," Fortress VP Tony Turner told ABC News.
And where did the cybersecurity industry turn to share its collective pain? Twitter, of course. With a long list of classic quotes and memes.
Twitter reacts to log4j vulnerability: first, with agony
The reveal happened Friday, December 10, in part through Cybersecurity and Infrastructure Security Agency Director Jen Easterly:
"This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use. To be clear, this vulnerability poses a severe risk."
And Rob Joyce, the head of NSA Cyber, was also spreading the news:
From there, the announcements kept pouring out.
Minecraft warned users to secure Java versions of the game:
Amazon Web Services posted about the new cyber risk on its blog:
"This vulnerability is severe and due to the widespread adoption of Apache Log4j, its impact is large."
Cybersecurity thought leader Rob Graham even changed the tagline on his Twitter account to include "THREAT LEVEL RED - FIX YOUR LOG4J"
Marcus Hutchins, who stopped the global WannaCry ransomware attack, tweeted details about how widespread this vulnerability is, and how simple it is to take advantage of it:
Other cybersecurity professionals warned the community about what they were seeing threat actors do:
#log4j jokes and memes: tweets as infosec therapy
Thankfully, the cyber tweets were not all doom and gloom. Here are some of the hilarious memes, quotes, and gifs cybersecurity professionals shared about log4j:
*Not originally our meme
— vx-underground (@vxunderground) December 11, 2021
*Unable to find author to give credit pic.twitter.com/0bDrwx95LC
The entire cybersecurity community reading about Log4Shell. pic.twitter.com/MDjMNCRLnH
— Ashley (@Infosec_Taylor) December 10, 2021
I bet he's dreaming about log4j right now pic.twitter.com/k8oQqv9geO
— corgi (@corg_e) December 11, 2021
Live view from FBI headquarters dark web task force #log4j pic.twitter.com/SAJlAEKqgH
— SwiftOnSecurity (@SwiftOnSecurity) December 10, 2021
From Sponge Bob to dumpster fires, #infosec Twitter tweeted funny things to stay sane. And some even wrote song lyrics about log4j, with a holiday twist:
Log4j tweets: we are in this together
And if a shiny red Rudolph nose and log4j song lyrics don't warm your heart a little bit, then the following tweets just might:
Red Team Director Rob Fuller gave cybersecurity professionals a very public thank you.
To all of you working on #log4j today, a Friday, you are appreciated. You are awesome. Thank you for doing the work that needs to get done when it counts. Security is often a thankless job. So thank you for today. pic.twitter.com/ofPdNfxYWW
— Rob Fuller (@mubix) December 11, 2021
And @threrealshodan, who is in threat intelligence, tweeted that situations like this bring the community together:
And pulling the community together is a key reason SecureWorld exists as well.
And in 2022, we're planning to get together in person.
By that time, we'll expect to hear war stories about the log4j weekend and the lessons learned from this latest widespread vulnerability.