A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
http://www.brakeingsecurity.com
episode 25: Cognizant breach, maze ransomware, PAN-OS CVE 2020-2021, SAML authentication walkthrough
Thank you to Marcus Carey for his excellent guidance and leadership this week.
Cognizant breach: https://www.ehackingnews.com/2020/06/cognizant-reveals-employees-data.html
Maze ransomware write-up: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/ransomware-maze/
https://www.fireeye.com/blog/threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/authentication/authentication-types/saml
PAN-OS CVE 2020-2021 -
We have been made aware of a serious issue with SAML on Palo Alto Networks PAN-OS
We strongly encourage our customers to upgrade to one of the following versions :
PAN-OS 8.1.15
PAN-OS 9.0.9
PAN-OS 9.1.3 and greater
This is a critical vulnerability with the only mitigation being to either turn OFF SAML or to upgrade the PAN-OS.
A CVE will be released on Monday :: CVE-2020-2021
https://en.wikipedia.org/wiki/Security_Assertion_Markup_Language