Apple, VMware, supply chain and breaches - F5 SIRT This Week in Security - Aug 7th-13th 2022
Updated Sep 08, 2022
Version 4.0Was this article helpful?
Just to add a couple of things post writing this:
F5 released signatures for the VMware ONE authentication bypass CVE (CVE-2022-31656) - ensure your ASM, Advanced WAF, NGINX App Protect policies have signature 200013050 enabled if you are protecting such a resource.
Secondly, it seems to be confirmed that Clop breached South Staffordshire Water and not Thames Water as was originally reported: https://www.techerati.com/news-hub/ransomware-gang-successfully-hacks-uk-water-supplier/