Jun 29, 2020

Thank you to Marcus Carey for his excellent guidance and leadership this week.

Cognizant breach: https://www.ehackingnews.com/2020/06/cognizant-reveals-employees-data.html

Maze ransomware write-up: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/ransomware-maze/

https://www.fireeye.com/blog/threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/authentication/authentication-types/saml

PAN-OS CVE 2020-2021 - 

We have been made aware of a serious issue with SAML on Palo Alto Networks PAN-OS

We strongly encourage our customers to upgrade to one of the following versions :

PAN-OS 8.1.15

PAN-OS 9.0.9

PAN-OS 9.1.3 and greater

This is a critical vulnerability with the only mitigation being to either turn OFF SAML or to upgrade the PAN-OS.

A CVE will be released on Monday ::  CVE-2020-2021

https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language