SANS ISC: SANS Daily Network Security Podcast (Stormcast) for Wednesday, November 4th 2020

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS Daily Network Security Podcast (Stormcast) for Wednesday, November 4th 2020

My Next Class

… more classes

Help us make this podcast better by participating in a simple two question survey

Attackers Exploiting WebLogic Servers to Install Cobalt Strike
https://isc.sans.edu/forums/diary/Attackers+Exploiting+WebLogic+Servers+via+CVE202014882+to+install+Cobalt+Strike/26752

New SaltStack Vulnerabilities
https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/

Adobe Releases Acrobat/Reader Update
https://helpx.adobe.com/security/products/acrobat/apsb20-67.html

Malicious Twilio NPM Package
https://www.npmjs.com/advisories/1574

GitHub Workflow Injection Vulnerabilities
https://bugs.chromium.org/p/project-zero/issues/detail?id=2070&can=2&q=&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&cells=ids

Discussion