Handler on Duty: Jan Kopriva
Threat Level: green
Podcast Detail
New MOVEit Vulnerability; Polyfill Supply Chain Attack; Apple AirPods Patch;
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/9038.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 4th - Sep 9th 2024 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Critical Progress MOVEit Authentication Bypass Vulnerability
https://labs.watchtowr.com/auth-bypass-in-un-limited-scenarios-progress-moveit-transfer-cve-2024-5806/
https://community.progress.com/s/article/MOVEit-Transfer-Product-Security-Alert-Bulletin-June-2024-CVE-2024-5806
Polyfill.io Supply Chain Attack
https://cside.dev/blog/more-than-100k-websites-targeted-in-web-supply-chain-attack
Apple AirPods Firmware Update
https://support.apple.com/en-us/HT214111
https://labs.watchtowr.com/auth-bypass-in-un-limited-scenarios-progress-moveit-transfer-cve-2024-5806/
https://community.progress.com/s/article/MOVEit-Transfer-Product-Security-Alert-Bulletin-June-2024-CVE-2024-5806
Polyfill.io Supply Chain Attack
https://cside.dev/blog/more-than-100k-websites-targeted-in-web-supply-chain-attack
Apple AirPods Firmware Update
https://support.apple.com/en-us/HT214111
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jul 15th - Jul 20th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 4th - Sep 9th 2024 |
Application Security: Securing Web Apps, APIs, and Microservices | Denver | Oct 2nd - Oct 7th 2024 |