News and Updates

  RASBYTE TECH FEEDS

By sites 09 Jul, 2022
Cisco this week announced the availability of patches for a critical vulnerability in the Cisco Expressway series and TelePresence Video Communication Server (VCS) products that could allow an attacker to overwrite files on the underlying operating system with root privileges. According to Cisco, the vulnerability impacts Expressway Control (Expressway-C) and Expressway Edge (Expressway-E) devices, which are meant to enable remote collaboration for both mobile users and teleworkers. “Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device,” Cisco notes in an advisory. Tracked as CVE-2022-20812 (CVSS score of 9.0), the critical-severity vulnerability could allow an authenticated attacker who has administrator read-write privileges to overwrite files on the underlying operating system remotely, with the privileges of the root user. The issue exists because user-supplied command arguments are not sufficiently validated, allowing an attacker to submit crafted input to the affected command. Cisco also resolved a high-severity bug impacting the enterprise communication solutions, which could allow an unauthenticated, remote attacker to access sensitive data. Tracked as CVE-2022-20813, the issue exists because certificates aren’t properly validated, thus allowing an attacker to set up a man-in-the-middle attack and “intercept the traffic between devices, and then using a crafted certificate to impersonate the endpoint.” The attacker could then view the intercepted traffic in clear text and could even modify the contents of the traffic. Both issues were addressed with Cisco Expressway series and TelePresence VCS release 14.0.7 and Cisco encourages all customers to update as soon as possible.
This week, Cisco also announced patches for a high-severity vulnerability in Smart Software Manager On-Prem (SSM On-Prem), which could allow a remote, authenticated attacker to cause a denial of service (DoS) condition. Tracked as CVE-2022-20808, the vulnerability was addressed in Cisco SSM On-Prem release 8-202112. “This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. An attacker could exploit this vulnerability by sending multiple device registration requests to Cisco SSM On-Prem,” the tech giant explains. Cisco says it’s not aware of any of these vulnerabilities being exploited in attacks. Further information on the latest Cisco patches can be found on the company’s security portal. Source: Securityweek: By Ionut Arghire on July 08, 2022
By sites 08 Jul, 2022
Elon Musk terminated his agreement to buy Twitter on Friday, less than three months after reaching a deal to acquire it. “Mr. Musk is terminating the Merger Agreement because Twitter is in material breach of multiple provisions of that Agreement, appears to have made false and misleading representations upon which Mr. Musk relied when entering into the Merger Agreement, and is likely to suffer a Company Material Adverse Effect,” a lawyer wrote on his behalf in a letter to Twitter’s chief legal officer, according to a Securities and Exchange Commission (SEC) filing. The letter alleged that the social media platform had rejected or ignored Musk’s requests for information he sought to “make an independent assessment of the prevalence of fake or spam accounts on Twitter’s platform.” The letter further claimed that data that was given to Musk was “incomplete” and that it was not “sufficient to perform such an independent assessment.” The chairman of Twitter’s board, Bret Taylor, said they would be pursuing legal action. “The Twitter Board is committed to closing the transaction on the price and terms agreed upon with Mr. Musk and plans to pursue legal action to enforce the merger agreement. We are confident we will prevail in the Delaware Court of Chancery,” Taylor tweeted. The news had an impact on Twitter’s stock, which dropped 6 percent on Friday after hours, according to CNBC. Musk, who in April reached an agreement with Twitter to buy the company for $44 billion, has previously said that acquiring the social media platform was “not a way to sort of make money” and has floated changes to Twitter that he would have liked to see, such as the inclusion of an edit button. Republicans were excited at the prospect of Musk’s acquisition, expressing hope that he would increase free speech on Twitter, which has often led rivals with its stricter content moderation policies and was among the first social media platforms to ban former President Trump following the Jan. 6, 2021, Capitol riot. Source: The Hill, BY CAROLINE VAKIL - 07/08/22 5:41 PM ET
By sites 21 Jul, 2021
Microsoft said Wednesday it’s acquiring CloudKnox, a start-up whose software helps companies reduce the amount of access they provide to their cloud resources. Terms of the deal weren’t disclosed. The move represents another step Microsoft is taking to expand its security business, in addition to working to keep Windows and its other products secure. In January, Microsoft said it had generated over $10 billion in security revenue in the previous 12 months, up more than 40% year over year, meaning that it’s growing faster than most other product areas. Just last week, Microsoft announced the acquisition of another security company, RiskIQ, which can spot threats across a given company’s entire information-technology footprint. CloudKnox’s software works with Microsoft’s Azure public cloud, as well as the Amazon and Google clouds. The software spots — and can remove — cases of permissions for employees and virtual identities that aren’t being actively used, and it can show alerts about unusual activity. Microsoft corporate vice president Joy Chik explained in a blog post that as unmonitored cloud services (like virtual machines) proliferate, it’s harder for organizations to keep a tight control over who’s allowed to do what with them. “High-profile breaches demonstrate how quickly bad actors can move laterally by exploiting misappropriated privileged credentials.” The start-up was founded in 2015 and is based in Sunnyvale, California, with 58 employees listed on LinkedIn. Investors include Sorenson Ventures, Dell Technologies Capital and Foundation Capital. Source: CNBC
By sites 20 Jul, 2021
WASHINGTON (AP) — The Department of Homeland Security on Tuesday announced new requirements for U.S. pipeline operators to bolster cybersecurity following a May ransomware attack that disrupted gas delivery across the East Coast. In a statement, DHS said it would require operators of federally designated critical pipelines to implement “specific mitigation measures” to prevent ransomware attacks and other cyber intrusions. Operators must also implement contingency plans and conduct what the department calls a “cybersecurity architecture design review.” It’s the latest response by the Biden administration to a series of ransomware attacks and intrusions hitting critical U.S. infrastructure and raising fears about American cybersecurity. DHS did not immediately release further details about the guidance, which comes after another directive issued weeks after the May 7 attack on Georgia-based Colonial Pipeline. U.S. agencies on Tuesday also disclosed that Chinese government-linked intruders targeted 23 natural gas pipeline operators from 2011 to 2013. Thirteen of those attacks were confirmed intrusions, according to a government advisory. The Colonial attack led to the shutdown of a system delivering about 45% of the gasoline consumed along the East Coast and sparked long lines and gas shortages in several states. Colonial paid an estimated $4.4 million ransom, most of which was recovered by the Justice Department. The FBI has blamed the attack on a Russia-based gang of hackers using the DarkSide ransomware variant. The Biden administration has repeatedly accused Russia of granting safe haven to criminal gangs and trying to steal from government agencies and private organizations in various sectors. It imposed sanctions in April for a range of activities including hacking. Russia has broadly denied being involved in cyberattacks of U.S. institutions, decrying “unfounded accusations” in a statement last month. The U.S. and key allies this week accused China of complicity in a massive hack of Microsoft Exchange email server software that victimized thousands of organizations. That announcement, however, was not accompanied by sanctions against China, which has accused the U.S. of making “groundless attacks” against it regarding cybersecurity.