This week was a doozy. Several large-scale organizations have experienced some form of cyberattack. Cloud vulnerabilities and malicious apps, masquerading as well-known services, have also taken up space in official app stores. Keep reading for a summary of this week’s top news!
JBS, a global meat processing company, has suffered a cyberattack that forced them to shutter part of their North American and Australian operation. Although the company hasn’t been forthcoming with details, they “took immediate action, suspending all affected systems, notifying authorities and activating the company’s global network of IT professionals and third-party experts to resolve the situation,” according to a statement provided to Security Magazine. The fallout has been compared to the Colonial Pipeline breach although JBS states they are unaware of any evidence that customer, supplier, or employee data has been compromised or misused as a result of the situation.
Lasso is an acronym for Liberty Alliance Single Sign On. It is a C library that implements Liberty Alliance and SAML (Security Assertion Markup Language) standards which processes federated identities, single sign-on (SSO), and other protocols. Lasso also has a vulnerability, tracked as CVE-2021-28091, that was initially reported to Akamai because it was discovered in the company’s Enterprise Application Access (EAA) product.
Cisco has also confirmed the use of the Lasso library and the networking behemoth is working on determining which of its products are impacted. Currently, Cisco’s advisory lists Adaptive Security Appliance (ASA), Content Security Management Appliance (SMA), Email Security Appliance (ESA), FXOS software, Web Security Appliance (WSA), and Firepower Threat Defense (FTD) as being vulnerable. Of course, other vendors and Linx distributors may be impacted as well--read more at SecurityWeek.
Someone has it out for Ivanti Pulse Connect Secure VPN appliances. FireEye Mandiant, collaborating with the Cybersecurity and Infrastructure Security Agency and Ivanti, reported details of 16 malware families exclusively designed to infect Pulse products–they’re believed to be affiliated with the Chinese…