Cisco today began the process of patching a zero-day vulnerability in its Adaptive Security Appliance (ASA) software exposed in the ShadowBrokers data dump. Users on affected versions of ASA, 7.2, and 8.0 through 8.7, are urged to migrate soon to 9.1.7(9) or later. Newer versions that are also implicated—9.1 through 9.6—are expected to be updated...

Exploits against enterprise-grade Cisco firewalls dumped by the ShadowBrokers have quickly—and apparently without a lot of strenuous effort—been upgraded to attack more current versions of ASA. Researchers at Silent Signal in Hungary yesterday tweeted they had ported the EXTRABACON attack to ASA version 9.2(4), which was released a year ago. We successfully ported EXTRABACON to...

Cisco has quickly patched two vulnerabilities that were disclosed in the ShadowBrokers’ data dump. The networking giant today released advisories that it had fixed the flaws in its Adaptive Security Appliance (ASA), one of which was rated high severity; both of the vulnerabilities enable remote code execution. The ShadowBrokers are an unknown group of hackers...

Cisco has quickly patched one of two vulnerabilities that was disclosed in the ShadowBrokers’ data dump and issued an advisory on the other, which was patched in 2011, in order to raise awareness among its customers. The networking giant today released advisories saying that it had fixed both flaws in its Adaptive Security Appliance (ASA), the newest of which was...

Cisco has quickly provided a workaround for one of two vulnerabilities that was disclosed in the ShadowBrokers’ data dump and issued an advisory on the other, which was patched in 2011, in order to raise awareness among its customers. The networking giant today released advisories saying that it had acknowledged both flaws in its Adaptive Security Appliance (ASA), the newest of which...