SysAdmin 24x7

Notice of Recent Security Incident To All LastPass Customers, I want to inform you of a development that we feel is important for us to share with our LastPass business and consumer community. [...] FAQs 1. Has my Master password or the Master Password of my users been compromised? No. This incident did not compromise your Master Password. We never store or have knowledge of your Master Password. We utilize an industry standard Zero Knowledge architecture that ensures LastPass can never know or gain access to our customers’ Master Password. You can read about the technical implementation of Zero Knowledge here. https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/

Cisco Releases Security Updates for Multiple Products Original release date: August 25, 2022 Cisco has released security updates for vulnerabilities affecting ACI Multi-Site Orchestrator, FXOS, and NX-OS software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the advisories for ACI Multi-Site Orchestrator, FXOS, and NX-OS and apply the necessary updates. https://www.cisa.gov/uscert/ncas/current-activity/2022/08/25/cisco-releases-security-updates-multiple-products

VMSA-2022-0024 CVSSv3 Range: 7.0 Issue Date: 2022-08-23 CVE(s): CVE-2022-31676 Synopsis: VMware Tools update addresses a local privilege escalation vulnerability (CVE-2022-31676) Impacted Products VMware Tools https://www.vmware.com/security/advisories/VMSA-2022-0024.html

Ejecución remota de comandos en productos GitLab Fecha de publicación: 23/08/2022 Identificador: INCIBE-2022-0891 Importancia: 5 - Crítica Recursos afectados: GitLab Community Edition (CE) y Enterprise Edition (EE), versiones anteriores a la 15.3.1, 15.2.3 y 15.1.5. Descripción: GitLab ha lanzado nuevas versiones que corrigen vulnerabilidades que podrían permitir a un atacante la ejecución remota de comandos. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ejecucion-remota-comandos-productos-gitlab

CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to include additional detection signatures. CISA encourages organizations to review the latest update to AA22-228A and apply the recommended mitigations. https://www.cisa.gov/uscert/ncas/current-activity/2022/08/22/cisa-updates-advisory-threat-actors-exploiting-multiple-cves

Windows Bluetooth Driver Elevation of Privilege Vulnerability CVE-2022-35820 Security Vulnerability Released: Aug 9, 2022 Last updated: Aug 19, 2022 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35820

Omisión de autenticación en productos ManageEngine Fecha de publicación: 19/08/2022 Identificador: INCIBE-2022-0889 Importancia: 5 - Crítica Descripción: Se ha identificado una vulnerabilidad crítica en varios productos de ManageEngine que podría permitir a un atacante omitir el proceso de autenticación y acceder a API externas. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/omision-autenticacion-productos-manageengine

Múltiples vulnerabilidades en Zimbra Collaboration Suite (ZCS) Fecha de publicación: 17/08/2022 Identificador: INCIBE-2022-888 Importancia: 5 - Crítica Recursos afectados: Zimbra Collaboration Suite (ZCS). Descripción: CISA y MS-ISAC advierten de la explotación activa de múltiples vulnerabilidades en Zimbra Collaboration Suite (ZCS). https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-zimbra-collaboration-suite-zcs

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability Advisory ID: cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz First Published: 2022 August 10 16:00 GMT CVSS Score: Base 7.4 A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz

SAP Security Patch Day –August2022 https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10

Intel® Data Center Manager Advisory Intel ID: INTEL-SA-00662 Advisory Category: Software Impact of vulnerability: Escalation of Privilege, Denial of Service Severity rating: CRITICAL Affected Products: Intel® Data Center Manager software before version 4.1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00662.html

Open AMT Cloud Toolkit Advisory Advisory Category: Software Impact of vulnerability: Escalation of Privilege Severity rating: CRITICAL Affected Products: Open AMT Cloud Toolkit software maintained by Intel® before versions 2.0.2 and 2.2.2. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00694.html

Citrix Hypervisor Security Bulletin for CVE-2022-33745 Security https://support.citrix.com/article/CTX463455/citrix-hypervisor-security-bulletin-for-cve202233745

Hotfix XS71ECU2077 - For XenServer 7.1 Cumulative Update 2 https://support.citrix.com/article/CTX462418/hotfix-xs71ecu2077-for-xenserver-71-cumulative-update-2

Cisco Talos shares insights related to recent cyber attack on Cisco [...] During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized. [...] https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html

Palo Alto Networks Releases Security Update for PAN-OS https://www.cisa.gov/uscert/ncas/current-activity/2022/08/05/palo-alto-networks-releases-security-update-pan-os

Microsoft Releases August 2022 Security Updates https://msrc.microsoft.com/update-guide/releaseNote/2022-Aug

Adobe Releases Security Updates for Multiple Products https://www.cisa.gov/uscert/ncas/current-activity/2022/08/09/adobe-releases-security-updates-multiple-products

VMSA-2022-0023 CVSSv3 Range: 5.7 Issue Date: 2022-08-09 Updated On: 2022-08-09 (Initial Advisory) CVE(s): CVE-2022-22983 Synopsis: VMware Workstation update addresses an unprotected storage of credentials vulnerability (CVE-2022-22983) Known Attack Vectors A malicious actor with local user privileges to the victim machine may exploit this vulnerability leading to the disclosure of user passwords of the remote server connected through VMware Workstation. https://www.vmware.com/security/advisories/VMSA-2022-0023.html

VMSA-2022-0022 CVSSv3 Range: 5.6-7.2 Issue Date: 2022-08-09 Updated On: 2022-08-09 (Initial Advisory) CVE(s): CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, CVE-2022-31675 Synopsis: VMware vRealize Operations contains multiple vulnerabilities https://www.vmware.com/security/advisories/VMSA-2022-0022.html