

SANS Stormcast Friday, March 28th: Sitecore Exploited; Blasting Past Webp; Splunk and Firefox Vulnerabilities
Mar 28, 2025
A recent deserialization attack targeted Sitecore, exploiting a thumbnail access token header. Google’s Project Zero detailed a zero-click NSO BlastPass exploit in iOS using a WebP vulnerability. Splunk patched several vulnerabilities, including one that allowed code execution for authenticated users. Meanwhile, Mozilla patched an active sandbox escape vulnerability in Firefox. The podcast highlights these critical security issues while urging listeners to stay informed on evolving cyber threats.
Sitecore Vulnerability
- Attackers are exploiting a .NET deserialization flaw in Sitecore CMS via the "thumbnailsaccesstoken" header.
- The vulnerability, patched in January, allows attackers to execute code using PowerShell.
BlastPass Exploit
- Google's Project Zero revealed details about the NSO BLASTPASS exploit.
- This exploit targeted a WebP image parsing vulnerability in iOS, highlighting memory management issues in compressed formats.
Splunk Vulnerabilities
- Splunk patched about a dozen vulnerabilities, including a high-severity arbitrary code execution flaw.
- Although the vulnerabilities are not critical, update Splunk, because it is a key part of security infrastructure.