CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit

The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice. [TechWeb]( Follow Dark Reading: [RSS]( August 25, 2022 LATEST SECURITY NEWS & COMMENTARY [CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit]( The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice. [Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account]( In a widespread campaign, threat actors use a compromised Dynamics 365 Customer Voice business account and a link posing as a survey to steal Microsoft 365 credentials. [Ransomware Gang Demands $10M in Attack on French Hospital]( Center Hospitalier Sud Francilien (CHSF), a hospital outside of Paris, has redirected incoming patients to other medical facilities in the wake of a ransomware attack that began on Aug. 21. [VMware LPE Bug Allows Cyberattackers to Feast on Virtual Machine Data]( An insider threat or remote attacker with initial access could exploit CVE-2022-31676 to steal sensitive data and scoop up user credentials for follow-on attacks. [Why Empathy Is the Key to Better Threat Modeling]( Avoid the disconnect between seeing the value in threat modeling and actually doing it with coaching, collaboration, and integration. Key to making it "everybody's thing" is communication between security and development teams. [Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns]( The Russia-backed Nobelium APT has pioneered a post-exploitation tool allowing attackers to authenticate as any user. [Ransomware Gang Demands $10M in Attack on French Hospital]( Center Hospitalier Sud Francilien (CHSF), a hospital outside of Paris, has redirected incoming patients to other medical facilities in the wake of a ransomware attack that began on Aug. 21. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Apathy Is Your Company's Biggest Cybersecurity Vulnerability — Here's How to Combat It]( Make security training more engaging to build a strong cybersecurity culture. Here are four steps security and IT leaders can take to avoid the security disconnect. [Charming Kitten APT Wields New Scraper to Steal Email Inboxes]( Google researchers say the nation-state hacking team is now employing a data-theft tool that targets Gmail, Yahoo, and Microsoft Outlook accounts using previously acquired credentials. [Facing the New Security Challenges That Come With Cloud]( Organizations relying on multicloud or hybrid-cloud environments without a true understanding of their security vulnerabilities do so at their peril. [MORE]( EDITORS' CHOICE [Mudge Blows Whistle on Alleged Twitter Security Nightmare]( Lawmakers and cybersecurity insiders are reacting to a bombshell report from former Twitter security head Mudge Zatko, alleging reckless security lapses that could be exploited by foreign adversaries. LATEST FROM THE EDGE [Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack]( SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software. LATEST FROM DR TECHNOLOGY [How to Resolve Permission Issues in CI/CD Pipelines]( This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines. WEBINARS - [From Reactive to Proactive, Changing the Culture on API Security]( Statistics demonstrate that 95% of companies have experienced attacks targeting their usage of APIs in their modern applications, and this is most likely a concern for you. And yes, it's likely keeping you up at night. When using other people's code-via ... - [Understanding Machine Learning, Artificial Intelligence, & Deep Learning, and When to Use Them]( Advancements in artificial intelligence technology and machine learning and deep learning algorithms promise to transform enterprise security by giving IT security teams tools to detect and respond to attacks faster than before. Before security teams can use these tools, they ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [Five Best Practices for AWS Security Monitoring]( - [Sumo Logic for Continuous Intelligence]( - [Gartner, Quick Answer: How Can Organizations Use DNS to Improve Their Security Posture?]( - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( - [Optimizing Endpoint Protection]( [View More White Papers >>]( FEATURED REPORTS - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [Practical Network Security Approaches for a Multicloud, Hybrid IT World]( The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( With attacks and breaches on the rise, enterprise security teams need full visibility over what they have in their network. DNS is a key tool for visibility and asset discovery. Proactive DNS-layer security - such as using DNS data to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Acronis' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $30 Billion by 2023]( [CyberRatings.org Announces New Web Browser Test Results for 2022]( [Report: Financial Institutions Are Overwhelmed When Facing Growing Firmware Security and Supply Chain Threats]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Living on the Edge: Building and Maintaining Security at the Network Edge]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)