Cobalt Strike and WebLogic; SaltSack; Adobe; Twilio NPM Brandjacking; GitHub Workflows
SANS Daily Network Security Podcast (Stormcast) for Wednesday, November 4th 2020
00:00
My Next Class
| Intrusion Detection In-Depth | Online | Arabian Standard Time | Mar 5th - Mar 10th 2022 |
| Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2022 |
Attackers Exploiting WebLogic Servers to Install Cobalt Strike
https://isc.sans.edu/forums/diary/Attackers+Exploiting+WebLogic+Servers+via+CVE202014882+to+install+Cobalt+Strike/26752
New SaltStack Vulnerabilities
https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
Adobe Releases Acrobat/Reader Update
https://helpx.adobe.com/security/products/acrobat/apsb20-67.html
Malicious Twilio NPM Package
https://www.npmjs.com/advisories/1574
GitHub Workflow Injection Vulnerabilities
https://bugs.chromium.org/p/project-zero/issues/detail?id=2070&can=2&q=&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&cells=ids
https://isc.sans.edu/forums/diary/Attackers+Exploiting+WebLogic+Servers+via+CVE202014882+to+install+Cobalt+Strike/26752
New SaltStack Vulnerabilities
https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
Adobe Releases Acrobat/Reader Update
https://helpx.adobe.com/security/products/acrobat/apsb20-67.html
Malicious Twilio NPM Package
https://www.npmjs.com/advisories/1574
GitHub Workflow Injection Vulnerabilities
https://bugs.chromium.org/p/project-zero/issues/detail?id=2070&can=2&q=&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&cells=ids
iTunes
MP3 Download
RSS Feed
Google
Stitcher
Podbean
Amazon Echo
YouTube
Spreaker
iOS App
Spotify
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
| Intrusion Detection In-Depth | Online | Arabian Standard Time | Mar 5th - Mar 10th 2022 |
| Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2022 |
| Application Security: Securing Web Apps, APIs, and Microservices | Online | US Pacific | May 5th - May 10th 2022 |
https://www.sans.edu
