SANS Internet Storm Center Episode Covers Proxifier Tool, BitLocker Bypass, and Adobe Patches

The May 14, 2026, episode of the SANS Internet Storm Center Stormcast covered a tool called Proxifier, which allows Windows users to proxy HTTP traffic from specific applications—such as directing traffic to Burp Suite for API testing—reducing noise compared to full-system proxying. Security researcher Nightmare Eclipse disclosed two vulnerabilities: Yellow Key, a BitLocker bypass exploit where a specially configured USB stick prevents disk encryption during shutdown, enabling unauthorized access via rescue mode, and Green Plasma, a partial proof-of-concept for a universal remote privilege escalation flaw involving memory manipulation and DLL injection. Adobe patched 10 products on Patch Tuesday, including critical vulnerabilities in Adobe Connect (arbitrary code execution) and Adobe Commerce (RCE via XSS and a path traversal flaw). The BitLocker vulnerability was identified through reverse engineering Windows binaries, while the Adobe updates addressed high-risk issues requiring immediate patching.