Cyber Security Today, Aug. 15, 2022 – Watch for patches from Palo Alto Networks, Microsoft and others

Watch for these patches from Palo Alto Networks, Microsoft and others.

Welcome to Cyber Security Today. It’s Monday, August 15th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Today’s edition reports on a number of vulnerabilities and patches that IT and security teams should be watching for.

Administrators with firewalls from Palo Alto Networks in their environments should be on the lookout this week for security updates to fix a high-severity vulnerability affecting PA, VM and CN-series firewalls. That misconfiguration could allow an attacker to leverage the device for denial of service attacks. The issue has been resolved for all Palo Alto Networks cloud next generation firewalls and the Prisma Access service. Updates for other devices will come this week. In the meantime there are workarounds. There’s a link to the document explaining them in the text version of this podcast. By the way, Palo Alto Networks said it learned about this problem because a threat actor is looking for vulnerabilities in firewalls from a number of manufacturers. Network administrators should watch for alerts coming from their firewall vendors.

Windows administrators need to watch for and install a security patch from Microsoft or their server and PC equipment manufacturers to fix vulnerabilities in third-party bootloaders in products they may use. Windows allows approved third-party bootloaders to affect the operating system’s boot process. But researchers at Eclypsium recently found vulnerabilities that could bypass the Secure Boot capability that protects Windows from being abused. So far three affected bootloaders have been identified. The patch will update Windows’ Secure Boot Forbidden Signature Database.

Email administrators with the Zimbra Collaboration Suite email server in their environment must install the latest patch. This comes after researchers at Volexity discovered a serious vulnerability while investigating breaches at organizations that use the suite. Hackers were getting around a patch that was released in March to close a hole. It was thought that an attacker would need administrative privileges to exploit the vulnerability. But the researchers found that wasn’t so. Zimbra released a new patch at the end of July. It should have been installed by now.

Security researchers at a firm in Argentina have discovered a high-severity vulnerability that may affect network devices from 20 manufacturers including D-Link, Tenda, Nexxt, Intelbras and others. According to Security Week, which interviewed the researchers, the problem is in the software development kit that manufacturers used if they bought certain processing chips from a company called Realtek. The manufacturers were warned about the problem in March. It’s up to them to distribute the patch. Small businesses and individuals should regularly check the websites of the manufacturers of their routers and WiFi access points for security patches. That’s because warnings often don’t get sent directly to IT departments and device owners.

Police in the Netherlands have arrested a man believed to be involved in cryptocurrency money laundering through the Tornado Cash mixing service. Mixing services change one type of cryptocurrency for others, helping crooks hide stolen and ransomed funds. Police have long suspected that Tornado Cash is used for cryptocurrency laundering. Dutch police suspect hundreds of millions of dollars in criminal-related cryptocurrency has gone through that particular mixer. The arrest came after the U.S. put Tornado Cash on a sanctioned list.

Finally, since May the U.S. has been offering million-dollar rewards for information on the leaders of the Conti ransomware gang. The government knows their online usernames. Now it claims to have a photo of what it calls a gang associate. It tweeted the photo last week of a bearded man who allegedly uses the name “Target.” Under the government’s Rewards for Justice program there are a number of ways to report information and claim a reward. The Conti gang allegedly disbanded earlier this year but it is believed a number of group members work with other ransomware operators.

Remember, links to details about podcast stories are in the text version at ITWorldCanada.com. Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Aug. 15, 2022 – Watch for patches from Palo Alto Networks, Microsoft and others first appeared on IT World Canada.

Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.
