Mike Mimoso and Chris Brook discuss the news of the week, including the latest on ShadowBrokers and Cisco, the Sweet32 collision attack, decryptors for the Wildfire ransomware, and this week’s gaming forum breaches. Download: Threatpost_News_Wrap_August_26_2016.mp3 Music by Chris Gonsalves

Cisco today began the process of patching a zero-day vulnerability in its Adaptive Security Appliance (ASA) software exposed in the ShadowBrokers data dump. Users on affected versions of ASA, 7.2, and 8.0 through 8.7, are urged to migrate soon to 9.1.7(9) or later. Newer versions that are also implicated—9.1 through 9.6—are expected to be updated...

Exploits against enterprise-grade Cisco firewalls dumped by the ShadowBrokers have quickly—and apparently without a lot of strenuous effort—been upgraded to attack more current versions of ASA. Researchers at Silent Signal in Hungary yesterday tweeted they had ported the EXTRABACON attack to ASA version 9.2(4), which was released a year ago. We successfully ported EXTRABACON to...

Mike Mimoso and Chris Brook discuss the news of the week, including the Shadow Brokers debacle, the VeraCrypt audit, Pokemon ransomware, and a browser address bar vulnerability. Download: Threatpost_News_Wrap_August_19_2016.mp3 Music by Chris Gonsalves

Cisco has quickly patched two vulnerabilities that were disclosed in the ShadowBrokers’ data dump. The networking giant today released advisories that it had fixed the flaws in its Adaptive Security Appliance (ASA), one of which was rated high severity; both of the vulnerabilities enable remote code execution. The ShadowBrokers are an unknown group of hackers...

Cisco has quickly patched one of two vulnerabilities that was disclosed in the ShadowBrokers’ data dump and issued an advisory on the other, which was patched in 2011, in order to raise awareness among its customers. The networking giant today released advisories saying that it had fixed both flaws in its Adaptive Security Appliance (ASA), the newest of which was...

Cisco has quickly provided a workaround for one of two vulnerabilities that was disclosed in the ShadowBrokers’ data dump and issued an advisory on the other, which was patched in 2011, in order to raise awareness among its customers. The networking giant today released advisories saying that it had acknowledged both flaws in its Adaptive Security Appliance (ASA), the newest of which...

A high-stakes game of attribution started by a group claiming to have a cache of exploits belonging to the Equation Group took a somewhat definitive turn Tuesday afternoon. Researchers at Kaspersky Lab yesterday confirmed a connection between the tools currently up for auction by the ShadowBrokers and Equation Group exploits and malware that researchers at...