SolarWinds Updates; Cisco Advisories; WebRTC State Issues; Oracle BI XSS

SANS Daily Network Security Podcast (Stormcast) for Thursday, January 21st, 2021
00:00
My Next Class
Defending Web Applications Security Essentials | Online | US Pacific | Mar 15th - Mar 20th 2021 |
Intrusion Detection In-Depth | Online | US Eastern | Apr 26th - May 1st 2021 |
SolarWinds Updates
https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/
https://blog.malwarebytes.com/malwarebytes-news/2021/01/malwarebytes-targeted-by-nation-state-actor-implicated-in-solarwinds-breach-evidence-suggests-abuse-of-privileged-access-to-microsoft-office-365-and-azure-environments/
Cisco Advisories
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj
Evesdropping Vulnerabilities in Various WebRTC Based Video Conferencing Systems
https://googleprojectzero.blogspot.com/2021/01/the-state-of-state-machines.html
Oracle Business Intelligence Enterprise Edition XSS
https://www.exploit-db.com/exploits/49444
https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/
https://blog.malwarebytes.com/malwarebytes-news/2021/01/malwarebytes-targeted-by-nation-state-actor-implicated-in-solarwinds-breach-evidence-suggests-abuse-of-privileged-access-to-microsoft-office-365-and-azure-environments/
Cisco Advisories
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj
Evesdropping Vulnerabilities in Various WebRTC Based Video Conferencing Systems
https://googleprojectzero.blogspot.com/2021/01/the-state-of-state-machines.html
Oracle Business Intelligence Enterprise Edition XSS
https://www.exploit-db.com/exploits/49444
Discussion
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Defending Web Applications Security Essentials | Online | US Pacific | Mar 15th - Mar 20th 2021 |
Intrusion Detection In-Depth | Online | US Eastern | Apr 26th - May 1st 2021 |
Intrusion Detection In-Depth | Online | British Summer Time | May 24th - May 29th 2021 |
Defending Web Applications Security Essentials | Online | Central European Summer Time | Jun 14th - Jun 19th 2021 |