Episode 99: SolarWinds Supply Chain Attack Affects Government and Fortune 500 Businesses

Summary: Earlier this week, we learned that SolarWinds, the largest provider of network management tools for large enterprise organizations fell victim to a supply chain attack. Reportedly, 18k enterprise & government customers installed malware that was digitally signed as part of an update from SolarWinds’ servers. Microsoft took control of one of the primary C2 domains. We also talk about a vulnerability in the PageLayer plugin and a wormable 0-click XSS bug found in Jabber.