_______________________________
Cisco Releases Security Updates for Multiple Products
Situation:
Cisco has released security updates.
Problem:
Current Versions of existing products contain vulnerabilities.
Implication:
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Need:
We encourage users and administrators to review the following advisories and apply the necessary updates:
• Cisco SD-WAN vManage Software Unauthenticated Access to Messaging Services cisco-sa-vmanage-msg-serv-AqTup7vs
• Vulnerability in NVIDIA Data Plane Development Kit Affecting Cisco Products: August 2022 cisco-sa-mlx5-jbPCrqD8
Additional Resources:
CISA Bulletin:
https://www.cisa.gov/uscert/ncas/current-activity/2022/09/08/cisco-releases-security-updates-multiple-products
Cisco Security Updates:
https://tools.cisco.com/security/center/publicationListing.x
________________________________
Situation:
CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: Vice Society.
Problem:
Vice Society uses ransomware attacks against the education sector to gain access to, and threaten exposure of, sensitive personal information regarding students and staff for financial gain.
Implication:
An attacker could exploit one of these vulnerabilities to take control of an affected device.
Need:
We encourage organizations to review #StopRansomware: Vice Society for more information. Additionally, see StopRansomware.gov for guidance on ransomware protection, detection, and response.
Additional Resources:
CISA Bulletin: #StopRansomware: Vice Society
https://www.cisa.gov/uscert/ncas/current-activity/2022/09/06/stopransomware-vice-society
#StopRansomware: Vice Society:
https://www.cisa.gov/uscert/ncas/alerts/aa22-249a
Stop Ransomware:
https://www.cisa.gov/stopransomware