Network Security News Summary for Tuesday May 24th, 2022
SANS Internet Storm Center's Daily Network Security News Podcast · Johannes B. Ullrich
May 24, 20225m 27s
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
jQuery-File-Upload Scans; Oracle OOB Patch; NPM Hijack Detection; Account Pre-Hijacking Attacker Scanning for jQuery-File-Upload https://isc.sans.edu/forums/diary/Attacker+Scanning+for+jQueryFileUpload/28674/ Oracle Security Alert Advisory - CVE-2022-21500 https://www.oracle.com/security-alerts/alert-cve-2022-21500.html How to find NPM dependencies vulnerable to account hijacking https://www.theregister.com/2022/05/23/npm_dependencies_vulnerable/ Pre-hijacked accounts https://arxiv.org/pdf/2205.10174.pdf keywords: jquery; hijacking; file upload; oracle; npm