Hello, welcome to the Friday, November 4, 2020 edition of the Sansonet Storms, Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Quick diary from Rob today about burp and setting breakpoints.

If you have used verb in the past, then other proxies are likely similar.

One of the annoying things sometimes is if you work through a complex web application,

well, you either turn the proxy on or off.

If you turn it on, then you have to click on forward all the time to approve all the

requests that sort of happen happen and you may miss the

important one well if you don't keep interception turned on then of course you may miss the page

that you're looking for because it didn't get intercepted well rob now has an interesting feature here in Burb that he's going into

in a bit more detail. And that's breakpoints. Essentially, what you can do here is you can set a

condition at which point interception will be turned on. In particular, in this case,

Rob was looking for an OAuth, an open ID exchange. So basically, just set the right parameters. And then as that exchange is happening, Burbs Interception will pop up and you'll have the ability to then alter your requests as you wish to.

So a pretty efficient feature like any breakpoint, of course, in a debugger

to help you just sort of zoom in on the part of the website,

not the code, of course, that you would like to inspect.

Well, Paulo Alto is reporting that we have yet another supply chain attack where malicious

actors, which Palo Alto identifies as TA569, injected malicious JavaScript into a company's

website that serves videos on various regional and some national news websites.

Apparently about 250 websites were affected by this attack.

ProofPoint didn't name the particular video platform that was affected here, nor individual news websites

that were affected. But the end effect was that the JavaScript then injected the fake

...