b'
This month, Luke Tamagna-Darr is back and he and Satnam have a lot to say about security advisories. As always, we walk through the latest vulnerability news - specifically diving into \\u201cZerologon\\u201d and \\u201cBad Neighbor\\u201d as well as multiple alerts from CISA. Many advisories recently were focused on chaining vulnerabilities, providing insight into how attackers are leveraging bugs together in attacks.
Show References:
Writing Security Advisories: 5 Best Practices For Vendors
Microsoft\\u2019s October 2020 Patch Tuesday Addresses 87 CVEs including \\u201cBad Neighbor\\u201d Windows TCP/IP Vulnerability (CVE-2020-16898)
CVE-2020-1472: 'Zerologon' Vulnerability in Netlogon Could Allow Attackers to Hijack Windows Domain Controller
CVE-2020-1472: Advanced Persistent Threat Actors Use Zerologon Vulnerability In Exploit Chain with Unpatched Vulnerabilities
US Cybersecurity Agency CISA Alert: Foreign Threat Actors Continue to Target Unpatched Vulnerabilities
CVE-2020-2040: Critical Buffer Overflow Vulnerability in PAN-OS Devices Disclosed
Multiple Vulnerabilities in CodeMeter Leave Managed Industrial Control Systems Open to Attack
CVE-2020-6925, CVE-2020-6926, CVE-2020-6927: Multiple Vulnerabilities in HP Device Manager
Tenable Research Spotify Playlist