Cisco Releases Multiple Security Updates

Original release date: June 18, 2020

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.

ISC Releases Security Advisories for BIND

Original release date: June 18, 2020

The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ISC advisories for CVE-2020-8618 and CVE-2020-8619 for more information and to apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Drupal Releases Security Updates

Original release date: June 18, 2020

Drupal has released security updates to address vulnerabilities affecting Drupal 7, 8.8, 8.9, and 9.0. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.  

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Drupal Advisories SA-CORE-2020-004 and SA-CORE-2020-005 for more information and to apply the necessary updates. 

This product is provided subject to this Notification and this Privacy & Use policy.

CERT NZ Releases Advisory on Ransomware Campaign

Original release date: June 18, 2020

The New Zealand Computer Emergency Response Team (CERT NZ) has released an advisory on a ransomware campaign leveraging remote access technologies. Malicious cyber actors are targeting organizations’ networks through remote access tools, such as Remote Desktop Protocol and virtual private networks, to exploit unpatched vulnerabilities and weak authentication.

After gaining access, cyber actors use various tools—including mimikatz, PsExec, Cobalt Strike, and Nefilim ransomware—for privilege escalation, lateral movement, persistence, and data exfiltration and encryption. Due to the level of access gained before deploying ransomware, the issue cannot be resolved by simply restoring data from backup.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the CERT NZ Advisory, Active Ransomware Campaign Leveraging Remote Access Technologies, for more information and mitigations as well as indicators of compromise associated with Nefilim ransomware. CISA also encourages organizations to review the following resources for more information on protecting against and responding to ransomware.

This product is provided subject to this Notification and this Privacy & Use policy.