Apple, VMware, supply chain and breaches - F5 SIRT This Week in Security - Aug 7th-13th 2022
This Week in Security
August 7th to August 13th 2022
Editor's Introduction
Aaron here as your editor this week, standing in for Lior while he is out on training. Keeping...
Updated Sep 08, 2022
Version 4.0
AaronJB
SIRT
SIRTJust to add a couple of things post writing this:
F5 released signatures for the VMware ONE authentication bypass CVE (CVE-2022-31656) - ensure your ASM, Advanced WAF, NGINX App Protect policies have signature 200013050 enabled if you are protecting such a resource.
Secondly, it seems to be confirmed that Clop breached South Staffordshire Water and not Thames Water as was originally reported: https://www.techerati.com/news-hub/ransomware-gang-successfully-hacks-uk-water-supplier/