- Cisco Releases Security Update for Multiple Products
- Zeppelin Ransomware on the Rise
- Adobe Releases Security Updates for Multiple Products
- Microsoft Releases August 2022 Security Updates
- Palo Alto Networks releases Security Advisories
- VMware Releases Security Updates
Cisco has released a security update to address a vulnerability in their products.
The vulnerability affects Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software.
A remote attacker could exploit this vulnerability to obtain sensitive information.
We encourage organizations to review the following Cisco advisory and apply the necessary updates:
- Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz
CISA Bulletin: Cisco Releases Security Update for Multiple Products
Cisco Security Advisories page:
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability:
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned US organizations today about attackers deploying the Zeppelin ransomware.
If the Zeppelin ransomware is deployed on a host, it can encrypt that host’s files multiple times.
The attackers deploying this ransomware are known for stealing data for double extortion and making ransom requests in Bitcoin, with the initial demands ranging from several thousand dollars to more than a million dollars.
The two federal agencies also shared tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help security professionals detect and block attacks using this ransomware strain. The FBI also asked IT admins who detect Zeppelin ransomware activity within their enterprise networks to collect and share any related information with their local FBI field office.
CISA and the FBI also advised organizations to take measures to defend against Zeppelin ransomware attacks, such as:
- prioritizing patching vulnerabilities exploited in the wild,
- training their employees and users to recognize and report phishing attempts,
- enabling and enforcing multi-factor authentication.
Adobe has released security updates to address vulnerabilities in multiple products.
An attacker could exploit some of these vulnerabilities to take control of an affected system.
We encourage organizations to review the following Adobe Security Bulletins and apply the necessary updates.
- Adobe Commerce APSB22-38
- Acrobat and Reader APSB22-39
- Illustrator APSB22-41
- FrameMaker APSB22-42
- Premiere Elements APSB22-43
CISA Bulletin: Adobe Releases Security Updates for Multiple Products:
Adobe Commerce APSB22-38:
Acrobat and Reader APSB22-39:
Adobe Illustrator APSB22-41:
Adobe FrameMaker APSB22-42:
Adobe Premiere Elements APSB22-43:
Microsoft has released updates to address multiple vulnerabilities in Microsoft software.
An attacker can exploit some of these vulnerabilities.
Exploiting these vulnerabilities will give the attacker the ability to take control of the affected systems.
August 2022 Security Update Guide:
Link to the CISA Advisory:
Palo Alto Networks released two security advisories:
1. The Reflected Amplification Denial-of-Service (DoS) vulnerability in URL filtering.
2. Proof of Concept (PoC) that reduces the effectiveness of the Cortex XDR agent Anti-Ransomware.
1. The resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack.
2. An attacker could exploit this vulnerability to take control of an affected system.
1. We strongly encourage organizations to apply the updates for the Reflected Amplification Denial-of-Service (DoS) vulnerability during the week of August 15, 2022.
2. We strongly encourage organizations to update the Cortex XDR agents on Windows to content update 610 or a later version.
Palo Alto Networks Security Advisories:
CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering:
PAN-SA-2022-0003 Informational: Cortex XDR Agent: Proof of Concept (PoC) Reduces Effectiveness of Anti-Ransomware Protection Module:
VMware has released security updates to address multiple vulnerabilities in vRealize Operations.
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
We strongly encourage organizations to review VMware Security Advisory VMSA-2022-0022 and apply the necessary updates for vRealize Operations.
CISA Bulletin: VMware Releases Security Updates: