SANS ISC: SANS Daily Network Security Podcast (Stormcast) for Thursday, January 21st, 2021

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS Daily Network Security Podcast (Stormcast) for Thursday, January 21st, 2021

My Next Class

… more classes

Help us make this podcast better by participating in a simple two question survey

SolarWinds Updates
https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/
https://blog.malwarebytes.com/malwarebytes-news/2021/01/malwarebytes-targeted-by-nation-state-actor-implicated-in-solarwinds-breach-evidence-suggests-abuse-of-privileged-access-to-microsoft-office-365-and-azure-environments/

Cisco Advisories
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj

Evesdropping Vulnerabilities in Various WebRTC Based Video Conferencing Systems
https://googleprojectzero.blogspot.com/2021/01/the-state-of-state-machines.html

Oracle Business Intelligence Enterprise Edition XSS
https://www.exploit-db.com/exploits/49444

Discussion