Talkin’ About Infosec News – 9/17/2021
ORIGINALLY AIRED ON SEPTEMBER 13, 2021
Articles discussed in this episode:
00:00 – BHIS – Talkin’ Bout [infosec] News 2021-09-13
02:59 – Story # 1: https://cyberworkx.in/2021/08/31/authentication-bypass-vulnerability-in-exchange-server/
04:43 – Story # 1b: https://techcommunity.microsoft.com/t5/exchange-team-blog/how-to-update-ad-schema-to-address-cve-2021-34470-if-exchange-is/ba-p/2617083
07:22 – Story # 2: https://cyberworkx.in/2021/09/08/microsoft-warns-of-new-zeroday-vulnerability-hunting-down-windows-users/
13:16 – Story # 3: https://therecord.media/ghostscript-zero-day-allows-full-server-compromises/
17:28 – Story # 3b: https://xkcd.com/2347/
22:03 – Story # 4: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021-40346-integer-overflow-enables-http-smuggling/
30:15 – Story # 5: https://venturebeat.com/2021/09/11/8-orgs-with-web-apps-for-file-uploads-have-adequate-cybersecurity/
33:21 – Story # 5b: https://stackoverflow.com/questions/1732348/regex-match-open-tags-except-xhtml-self-contained-tags/1732454#1732454
34:15 – Story # 6: https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/
39:32 – Story # 7: https://www.bleepingcomputer.com/news/security/revil-ransomwares-servers-mysteriously-come-back-online/
Ready to learn more?
Level up your skills with affordable classes from Antisyphon!
Available live/virtual and on-demand
