Cisco starts releasing security patches for a critical flaw affecting Adaptive Security Appliance (ASA) flaws-- one involving an exploit linked to the US National Security Agency (NSA).

Dubbed ExtraBacon, the exploit was recently discovered in networking hardware from Cisco and Fortinet. It is the work of a group called Shadow Brokers, who claims to have stolen "cyber weapons" from the Equation, a group believed to be an elite NSA hacking unit through its use of a 16-character string listed in an NSA manual leaked by Edward Snowden. ExtraBacon is actually just part of the toolset obtained by Shadow Brokers, and the full leaked set is currently available on auction for a million bitcoins.

The exploit affects versions 8.4(4) and earlier of ASA software, although it can be modified to work on newer versions. It involves a buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) implementation, and allows attackers to remotely execute rogue code in affected devices through traffic sent to the SNMP interface.

The US government releases a list of firms compliant with Privacy Shield US-EU security agreement-- one showing Microsoft as the only big name in public cloud holding the necessary credentials.

Launched back in 12 July, Privacy Shield is a self-certification process for US companies wanting to deal in the transfer and storage of both HR and non-HR data from the EU. So far just 35 companies have completed the process, most of which are smaller or more specialised players. In fact, apart from Microsoft the biggest names on the list are Salesforce and Workday, while the likes of Google, AWS, Rackspace and Facebook are conspicuously absent.

Gartner reports global information security spending is set to grow by 7.9% to reach $81.6 billion in 2016, with consulting and IT outsourcing as the largest spending categories.

By end 2020 the highest growth is forecast to come from security testing, IT outsourcing and data loss prevention (DLP). During the same period secure web gateways (SWGs) should maintain growth of 5-10% as organisations focus on detection and response, all while security practitioners retain a buying preference for preventative measures.

"Organisations are increasingly focusing on detection and response, because taking a preventive approach has not been successful in blocking malicious attacks," the analyst says. "We strongly advise businesses to balance their spending to include both."

The Dutch National Police, Europol, Intel Security and Kaspersky Lab join forces in No More Ransom-- an initiative aimed at informing the public about the dangers of ransomware, as well as helping victims recover their data without paying cybercriminals.

No More Ransom currently offers downloadable tools for the decryption of PCs affected by common ransomware attacks, including CoinVault, Bitcryptor, Cryptxxx 1, 2 and 3. In fact, the launch of the initiative comes about with the takedown of the servers holding the decryption keys of Shade, a ransomware variant with a victim count reaching 160000.

The advice on offer by No More Ransom is basic but decent-- do regular backups, keep software up-to-date, use a solid antivirus, show file extensions by default and trust no one. In case of attack, the initative insists one should not pay the ransom, but to do so one needs to hold regular backups. Some organisations ended up prey to such attacks, including the University of Calgary, which paid $20000 to restore access to systems and data.

Meanwhile a "Crypto Sherrif" section allows the public to help in the effort by uploading malware samples and a description helping identify the kind of ransomware affecting their systems.