Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News


SME Cybersecurity

Black Friday & Cyber Monday Cybersecurity Tips

Black Friday and Cyber Monday are two of the most anticipated shopping days, with millions of customers flocking online and in-store for deals. These high-traffic days offer significant sales opportunities, but they also attract cybercriminals aiming to exploit the increase in online activity. Cyber threats spike around these shopping events, and if your business isn’t prepared, you could be at risk for data breaches, phishing scams, and financial loss. To help you stay secure, we’ve put together essential cybersecurity tips to protect your business from Black Friday through Cyber Monday.

News

This Week in Cybersecurity: Looking Back at Week 46

Elevate Your Cybersecurity with NCSC’s Cyber Improvement Grant; Critical Vulnerability in Palo Alto Networks’ Expedition Tool Exposes Admin Accounts to Takeover; Microsoft Patch Tuesday for November 2024 Fixes 89 Vulnerabilities; New Excel Malware Campaign Exploits .XLL Files for Stealthy Data Theft; Clop Ransomware Exploits MOVEit Zero-Day Vulnerability; Hackers Breach Schneider Electric, Expose Sensitive Corporate Data; Growing Threat of SEO Poisoning and Malicious Ads in Google Search Results; Google Vertex AI Vulnerabilities Expose Risks in Custom AI Model Deployment; MOVEit Vulnerability Exposes Amazon Employee Data via Third-Party Breach; Meta Faces €798 Million Fine in EU’s Largest Antitrust Action Yet; Opera Browser Vulnerability Allows Exploits via Malicious Extensions; Zoom Patches Critical Vulnerabilities Allowing Privilege Escalation and Data Leaks; Misconfigured Microsoft Power Pages Sites Leave Millions of Records Exposed. Elevate Your Cybersecurity with NCSC’s Cyber Improvement Grant: The NCSC Cyber Improvement Grant, providing up to €60,000 in funding, helps businesses implement vital cybersecurity measures based on their initial Cyber Security Review.

Vulnerability

Maximising Your Cybersecurity with the NCSC Cyber Improvement Grant

Organisations that have taken advantage of Enterprise Ireland’s Cyber Security Review Grant have gained a comprehensive assessment of their cybersecurity posture, identified key vulnerabilities, and received a clear roadmap to strengthen their cybersecurity measures. After benefiting from this initial review, your organisation can move forward with the Cyber Improvement Grant to implement these recommendations. This follow-on grant is designed to elevate your organisation’s cybersecurity maturity by addressing and mitigating identified risks, fortifying your defences against potential cyber threats.

Cybersecurity Alert

Palo Alto Networks Expedition Vulnerability Puts Admin Accounts at Risk

In July 2024, a critical vulnerability, CVE-2024-5910, was identified in Palo Alto Networks’ Expedition tool. This vulnerability, which scores a 9.3 on the CVSS 3.0 scale, exposes Expedition to a significant risk of admin account takeover by unauthorised parties with network access to the tool. As organisations increasingly rely on automation tools like Expedition for configuration migration, tuning, and enrichment, this security flaw is one that affected users cannot afford to overlook.

News

This Week in Cybersecurity: Looking Back at Week 45

This week in the news: Cyberattack Disrupts SETU Waterford Campus, Forcing Class Cancellations; Ireland’s NCSC Reports Successful Cybersecurity Efforts in 2023 Annual Update; Pro-Russian Hackers Target UK Local Authorities in Cyber Attack Wave; UK Businesses Face Mounting Supply Chain Cybersecurity Challenges; New FakeCall Malware: A Sophisticated Threat to Android Users’ Financial Security; Interpol’s Operation Synergia II Deals Major Blow to Global Cybercrime; Windows Server 2025 Faces Critical Install and Blue Screen Issues; Critical Zero-Click Vulnerability in Synology NAS Devices; Emulated Linux Environment Used to Conceal Malicious Cyber Activity; Critical Security Alert for Nvidia GeForce Users. Cyberattack Disrupts SETU Waterford Campus, Forcing Class Cancellations: South East Technological University’s Waterford (SETU) campus has been hit by a significant cyberattack, leading to the cancellation of classes and severe disruption of IT services.

Cyber Advisory

The Importance of Third-Party Cybersecurity Assessments

Cybersecurity risks don’t just come from within your organisation; they often arise from third-party vendors who manage essential services like cloud hosting, software development, and data storage. A single vulnerability in a vendor’s system can open the door for cybercriminals to access your sensitive data, potentially jeopardising your entire business. These risks make third-party cybersecurity assessments critical for safeguarding your operations and ensuring that your vendors meet the required security standards.

News

This Week in Cybersecurity: Looking Back at Week 44

This week in the news: Critical LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites; PSAUX Ransomware Exploits Zero-Day, Hitting 22,000 CyberPanel Servers; LottieFiles npm Supply Chain Attack Targets Cryptocurrency Users; Bedfordshire Ranks as UK’s Cybercrime Capital with 2,900 Victims Annually; Sysdig Uncovers EMERALDWHALE Campaign Exposing 15,000+ Stolen Cloud Credentials; French ISP Free Suffers Major Data Breach Impacting Millions; QNAP Patches Critical Zero-Day Vulnerability Following Pwn2Own Ireland 2024; Google Patches Critical Chrome Vulnerability; Akira and Fog Ransomware Exploit SonicWall VPN Vulnerability; New Ransomware Group “Embargo” Uses Toolkit to Disable Security Solutions; FortiJump Vulnerability Exploited in Zero-Day Attacks Since June 2024; Cisco VPN Vulnerability Actively Exploited by Attackers; Critical Vulnerabilities in Open-Source AI Models Uncovered, Potential for Remote Code Execution. Critical LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites: A high-severity vulnerability (CVE-2024-50550) in the LiteSpeed Cache plugin allows attackers to elevate privileges and potentially gain administrator access on WordPress sites.

News

This Week in Cybersecurity: Looking Back at Week 43

This week in the news: LinkedIn Fined €310 Million for Data Privacy Violations; Microsoft Fixes 100 Vulnerabilities in October Patch Tuesday; Fortinet Issues Urgent Warning on Critical Zero-Day Vulnerability; Phishing Attack Uses Fake CAPTCHA to Bypass Detection; Ransomware Attack Disrupts Swiss School’s IT Systems; Bumblebee Malware Resurges with New Capabilities; Google Warns of Samsung Zero-Day Vulnerability Under Active Exploit; Unchecked Exploitation of Mobile Ad Data; Microsoft Defender VPN Adds Feature to Detect Unsafe Wi-Fi Networks; Rise in Fake Parking Penalty Scams on Isle of Wight; Calgary Public Library Closes Amid Cybersecurity Breach. LinkedIn Fined €310 Million for Data Privacy Violations: LinkedIn has been fined by the Irish Data Protection Commission (DPC) for violations of data privacy regulations.

News

Strengthen Your Business with the Enterprise Ireland Cyber Security Review Grant

As cyberattacks grow more frequent and sophisticated, malicious actors target organisations across the spectrum—from fledgling startups to established SMEs and large corporations. Recognising the pressing need for organisations to protect sensitive information and mitigate the risk of cyber-attacks, Enterprise Ireland has launched the Cyber Security Review Grant. This offers Irish organisations a practical and cost-effective solution to bolster their defences against cyber threats and ensure regulatory compliance. If you’re an Irish organisation and Enterprise Ireland client, you now have access to substantial support from Enterprise Ireland to evaluate your current cybersecurity posture and identify potential vulnerabilities.

SME Cybersecurity

Cybersecurity Awareness Month - Strengthening Your Business's Defences

Cybersecurity Awareness Month serves as an important reminder for businesses of all sizes to stay vigilant against the cyber threats that target our data and systems. Whether you’re an experienced IT professional or just starting to learn the basics of cybersecurity, this month provides the perfect opportunity to evaluate and enhance your security practices. Malicious actors don’t discriminate based on the size of your business or your level of technical knowledge.

News

This Week in Cybersecurity: Looking Back at Week 42

Data Breach at Cabot Financial Exposes Sensitive Consumer Information: A significant data breach at Cabot Financial, one of Ireland’s largest debt-collection agencies, has potentially compromised the personal and financial details of thousands of consumers. The agency, which manages accounts for approximately 80 credit unions and other lenders, has disabled its website and several phone lines in response to the attack. Cabot Financial has confirmed it is actively addressing a suspected cyber attack and is collaborating with IT experts to protect customer data.

News

EU’s Cyber Resilience Act: Strengthening Security for Digital Products

On October 10, 2024, the European Council formally adopted the Cyber Resilience Act (CRA), a landmark regulation aimed at ensuring that digital products sold within the European Union (EU) meet stringent cybersecurity requirements. This new law represents a significant step toward improving cybersecurity across the digital ecosystem, making Europe’s digital infrastructure more secure and resilient. But what exactly does this act entail, and what does it mean for businesses, consumers, and manufacturers of digital products?

News

Critical Vulnerability identified in SAP BusinessObjects

A critical security vulnerability, identified as CVE-2024-41730, has been disclosed in SAP’s BusinessObjects Business Intelligence (BI) Platform. This vulnerability allows attackers to bypass authentication when Single Sign-On (SSO) is enabled for Enterprise authentication, enabling unauthorised access to the platform through a REST endpoint. With a CVSS score of 9.8, this vulnerability is rated as critical, posing a significant threat to affected organisations due to its potential to compromise the confidentiality, integrity, and availability of their systems.

News

This Week in Cybersecurity: Looking Back at Week 41

Ivanti Warns of Active Exploits Targeting New Cloud Service Appliance Vulnerabilities: Ivanti has identified three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its Cloud Service Appliance (CSA), which are actively being exploited. These flaws, found in CSA versions before 5.0.2, involve SQL injection, OS command injection, and path traversal attacks, all of which can be used by remote authenticated attackers with admin privileges. Threat actors are combining these vulnerabilities with a previously disclosed zero-day (CVE-2024-8963) to carry out sophisticated attacks.

Cyber Advisory

NIS2 Compliance: Key Steps to Ensure Readiness

As the European Union’s NIS2 Directive comes into force, businesses across critical sectors are under increasing pressure to bolster their cybersecurity defenses. This directive isn’t just another compliance box to tick—it’s a comprehensive framework that raises the stakes for network and information security across the board. In this blog, we provide essential steps to help ensure your organization is not only compliant but also resilient against evolving cyber threats. From governance and accountability to incident reporting and supply chain security, these steps will guide you through the process of protecting your business.

Cybersecurity Alert

MORE_EGGS Backdoor: A Growing Threat to Recruiters

A recent report by Trend Micro highlights that attackers are leveraging the “MORE_EGGS” backdoor in a phishing campaign, primarily targeting recruitment platforms. These attackers compromise websites commonly used by recruiters to infect their devices, aiming to achieve financial gain. Overview: The Trend Micro report details the technical aspects of MORE_EGGS, a JScript backdoor that is part of the Golden Chickens Malware-as-a-Service (MaaS) toolkit, which is mainly used by threat actors such as FIN6 and the Cobalt Group.

News

This Week in Cybersecurity: Looking Back at Week 40

Critical Vulnerabilities Found in DrayTek Routers: Forescout Research’s Vedere Labs has uncovered 14 critical vulnerabilities in DrayTek routers, affecting both residential and enterprise models. Among the most severe, one vulnerability received a maximum CVSS score of 10, while another scored 9.1. These security flaws could allow attackers to exploit routers for remote code execution (RCE), denial-of-service (DoS), and cross-site scripting (XSS). With over 700,000 exposed DrayTek routers globally, including many with public-facing web interfaces, this poses a significant risk to enterprise networks.

Cyber Advisory

NIS2 Explained: How It Builds on NIS and What You Need to Know

The Network and Information Systems (NIS) Directive, introduced by the European Union in 2016, represented a major milestone in creating a unified cybersecurity framework across member states. However, with the rapid evolution of cyber threats and advancements in technology, the need for an update became clear. Enter NIS2, the enhanced directive that comes into effect on 17th October 2024. In this blog post, we’ll delve into the key differences between NIS and NIS2, their implications for organisations, and the advantages of transitioning to the new directive.

Cybersecurity Alert

Red Hat Discloses Critical OpenPrinting CUPS Vulnerabilities Affecting RHEL

Red Hat has recently disclosed several critical vulnerabilities within OpenPrinting CUPS, an open-source printing system widely used across modern Linux distributions, including Red Hat Enterprise Linux (RHEL). These vulnerabilities (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177) pose a significant security risk, particularly if exploited in combination. Understanding the Vulnerabilities: OpenPrinting CUPS is essential for managing, discovering, and sharing printers across Linux systems. However, if these vulnerabilities are exploited together, attackers could potentially achieve remote code execution, leading to the theft of sensitive data or damage to critical production systems.

News

This Week in Cybersecurity: Looking Back at Week 39

Enterprise Ireland and National Cyber Security Centre Launch Cyber Security Review Grant for SMEs: Enterprise Ireland and the National Cyber Security Centre have introduced the Cyber Security Review Grant to help SMEs strengthen their online security against cyber threats. The grant covers 80% of project costs, up to €3,000, and offers businesses expert consultancy to assess and improve their cybersecurity practices. Funded through the EU’s NextGenerationEU program, the initiative is part of Ireland’s National Recovery and Resilience Plan aimed at promoting digital transformation.

Cybersecurity Alert

High-Risk Vulnerability in Ivanti CSA Demands Immediate Patch Action

A critical security vulnerability, CVE-2024-8963, has been discovered in Ivanti’s Cloud Services Appliance (CSA) version 4.6. The flaw, which has a high CVSS score of 9.4, was addressed incidentally in the patch released on September 10, 2024 (Patch 519). However, it remains a significant risk for organisations that have not yet applied this update. Understanding CVE-2024-8963: This vulnerability allows remote unauthenticated attackers to exploit the system by accessing restricted functionality.

News

This Week in Cybersecurity: Looking Back at Week 38

Hezbollah Pager Explosions Highlight Supply Chain Security Concerns: A coordinated attack in Lebanon resulted in the explosion of pagers used by Hezbollah fighters, killing at least eight people, including a child, and injuring over 2,800. The detonations, which occurred simultaneously across the country, are being described as the “biggest security breach” in nearly a year of conflict with Israel. Security experts believe the explosions were part of a supply chain attack, where threat actors tampered with the hardware of the pagers before they were distributed.

Cyber Advisory

Is Your Organisation Ready for NIS2? Take Our Free Readiness Questionnaire

With the new NIS2 Directive set to impact businesses across multiple sectors, the need to enhance security and compliance has never been more pressing. But how confident are you that you’re fully prepared? Our NIS2 Readiness Questionnaire is here to help. This high-level questionnaire is designed to evaluate your current cybersecurity capabilities and uncover key areas for improvement. You’ll also receive a personalised score with actionable recommendations to enhance your security controls.

Vulnerability

Critical Vulnerabilities in Red Hat OpenShift Container Platform 4

Red Hat has recently disclosed two critical vulnerabilities in OpenShift Container Platform 4 that require urgent attention from affected organisations. The vulnerabilities, identified as CVE-2024-45496 and CVE-2024-7387, both have critical CVSS 3.0 scores, highlighting their severity. CVE-2024-45496: Privilege Misuse in Build Process. This flaw, with a CVSS score of 9.9, occurs due to the misuse of elevated privileges during the build process of OpenShift Container Platform. Specifically, the git-clone container is run with a privileged security context, granting unrestricted access to the node.

News

This Week in Cybersecurity: Looking Back at Week 37

Cyber Attack Hits German Air Traffic Control Agency: The German air traffic control agency, Deutsche Flugsicherung (DFS), has confirmed a recent cyber attack that disrupted its office communications, though air traffic operations remained unaffected. The attack, suspected to be the work of the notorious hacker group APT28 (Fancy Bear), targeted the company’s IT infrastructure. APT28, closely linked to Russia’s military intelligence service GRU, has a long history of cyber attacks on critical infrastructure, government agencies, and political organisations across Europe and North America.

Cybersecurity Alert

Critical RCE Vulnerabilities in Veeam Backup and Replication and Veeam ONE Agent

Veeam has disclosed two critical vulnerabilities that pose significant risks to users of its Backup and Replication software and ONE Agent. These flaws, tracked as CVE-2024-40711 and CVE-2024-42024, could allow unauthenticated attackers to execute arbitrary code remotely, putting affected systems at risk. CVE-2024-40711 – Veeam Backup and Replication (CVSS: 9.8): This critical vulnerability, present in Veeam Backup and Replication versions 12.1.2.172 and earlier, allows remote code execution (RCE) via deserialisation of untrusted data.

News

This Week in Cybersecurity: Looking Back at Week 36

Transport for London (TfL) Faces Ongoing Cyberattack, No Service Disruptions: Transport for London (TfL), the agency overseeing Greater London’s transportation network, is grappling with a cyberattack that has primarily affected its internal IT systems. While TfL assured that no customer data has been compromised and public transport services remain unaffected, it has engaged the UK government, including the National Crime Agency and National Cyber Security Centre, for support. Employees have been advised to work from home as the investigation continues.

News

Critical Security Vulnerability in Google Chrome

Google Chrome users are being urged to update their browsers immediately due to a critical security vulnerability identified as CVE-2024-7971. This vulnerability, known as a type confusion flaw, affects the V8 JavaScript and WebAssembly engine within Google Chromium versions prior to 128.0.6613.84. The flaw allows a remote attacker to exploit heap corruption through a specially crafted HTML page, making it a significant threat with a CVSS score of 8.8 (High).

News

This Week in Cybersecurity: Looking Back at Week 35

Fota Wildlife Park in Cork hit by cyberattack: Fota Wildlife Park in Cork recently experienced a cyberattack that may have compromised the financial information of customers who made transactions on its website between May 12, 2024, and August 27, 2024. In an email to customers, the park advised those affected to cancel any credit or debit cards used during that period and to review their bank and credit card statements for any suspicious activity.

News

This Week in Cybersecurity: Looking Back at Week 34

Massive Data Leak Allegedly Exposes 3 Billion Records from National Public Data: A proposed class action lawsuit has been filed against National Public Data (NPD), accusing the company of being the source of a massive data breach affecting up to 3 billion individuals. The data, reportedly leaked and offered for sale on the dark web by the hacker group USDoD for $3.5 million, includes sensitive information such as Social Security numbers and personal details.

News

Critical Vulnerability in Palo Alto Networks Cortex XSOAR CommonScripts

A critical command injection vulnerability (CVE-2024-5914) has been identified in Palo Alto Networks’ Cortex XSOAR CommonScripts Pack. The identified vulnerability affects all versions of Palo Alto Networks’ Cortex XSOAR CommonScripts Pack prior to version 1.12.33. It allows unauthenticated attackers to execute arbitrary commands within the context of an integration container—essentially providing the attacker with control over part of the system. This type of attack is classified as a command injection vulnerability, a serious threat that could lead to extensive damage if exploited.

News

This Week in Cybersecurity: Looking Back at Week 33

Critical Windows Vulnerabilities Expose Systems to Downgrade Attacks: Microsoft is addressing two critical vulnerabilities in its Windows update architecture, CVE-2024-38202 and CVE-2024-21302. These flaws, with CVSS scores of 7.3 and 6.7 respectively, could allow attackers to perform downgrade attacks, replacing current OS files with older versions. CVE-2024-38202 affects the Windows Backup component, potentially reintroducing mitigated vulnerabilities or circumventing Virtualization Based Security (VBS) features. CVE-2024-21302 enables privilege escalation in VBS-supported Windows systems.

News

This Week in Cybersecurity: Looking Back at Week 32

Ireland Unveils National Cyber Emergency Plan to Strengthen Response to Cyber Threats: This week, Ireland published its National Cyber Emergency Plan (NCEP), developed through extensive public and private sector engagement and lessons from recent cyber exercises and the 2021 HSE ransomware attack. The NCEP details the process for declaring and managing a National Cyber Emergency, outlining clear roles and responsibilities. It incorporates flexible response strategies for diverse cyber incidents through three cooperation modes:

Vulnerability

Zero Day Exploit: Critical Vulnerability in Apache OFBiz

A zero-day pre-authentication remote code execution vulnerability, identified as CVE-2024-38856, has been discovered in the Apache OFBiz open-source enterprise resource planning (ERP) system. This critical flaw could allow threat actors to execute remote code on affected instances, posing significant risks to businesses relying on this software.
Vulnerability Overview
Vulnerability Type: Zero-day pre-authentication remote code execution
CVSS Score: 9.8/10
Affected Versions: Apache OFBiz versions prior to 18.12.15
The vulnerability stems from a flaw in the authentication mechanism of Apache OFBiz.

News

This Week in Cybersecurity: Looking Back at Week 31

Average cost of a data breach rises to €4.5m: According to IBM’s annual ‘Cost of a Data Breach Report,’ the average cost of data breaches globally has risen to €4.49 million this year, marking a significant 10% increase year-over-year — the largest since the pandemic began. The report reveals that 70% of breached organisations experienced significant disruptions, with lost business and post-breach customer and third-party response costs contributing heavily to the financial impact.

Vulnerability

Zero Day Exploit: VMware ESXi Auth Bypass Exploited by Ransomware Attackers

Microsoft has warned that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in cyber attacks. The vulnerability, tracked as CVE-2024-37085, is a medium severity flaw (CVSS Score 5.3-6.8) which enables a new user to join an ‘ESX Admins’ group. The user will automatically be assigned full privileges on the ESXi hypervisor. Vulnerability Overview: Broadcom explains that a malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host configured to use AD for user management by re-creating the default AD group “ESX Admins” after it has been deleted.

News

This Week in Cybersecurity: Looking Back at Week 30

CrowdStrike content update causes global IT outage: On July 19th, over 8.5 million computers were compromised in what is now considered one of the most severe cyber incidents in history. The outage impacted a diverse array of industries, grounding flights, disrupting health services, and rendering payment systems inoperable. In the post-incident review, the company revealed that the crash was caused by a system bug that permitted “problematic content data” to bypass the validation process.

Vulnerability

JetBrains TeamCity Vulnerability Under Active Exploitation

Following the recent disclosure on 3rd March 2024, malicious actors wasted no time launching sophisticated attacks targeting two critical vulnerabilities within the popular CI/CD platform, JetBrains TeamCity. The vulnerabilities relate to authentication bypass, which can allow an unauthorised user to perform administrative actions, marking a significant threat to the platform widely utilised for automating software builds, testing, and deployment processes. Examination of the Vulnerability. Analysis of the Vulnerabilities: A closer examination of CVE-2024-27198, with a CVSS rating of 9.

GRC

A look at the NIST Cybersecurity Framework 2.0

On 26th February 2024, NIST released a major update to its Cybersecurity Framework (CSF), which has been widely adopted by organisations over the past decade to help them manage and mitigate cyber risks. The updates to the CSF (v2.0) are the result of years of discussions and public feedback, aimed at enhancing the framework’s utilisation and applicability across various sectors, and not just critical infrastructure. In this article, we will look at some of the big changes that have been incorporated into version 2.

Incident Response

Conducting Crisis Management Exercises Effectively

A crisis management exercise is a structured and simulated activity designed to test and enhance an organisation’s ability to respond effectively to crises or emergencies. These activities should not be typical check-the-box exercises, but rather a technique to prepare everyone for the worst by developing a resilient and prepared team. These exercises can help businesses transform hypothetical events into concrete strategies, allowing them to deal with incidents or crises confidently and successfully.

Cybersecurity Alert

Critical ConnectWise ScreenConnect RCE Vulnerability Exposed

In a significant development that is rippling through the cybersecurity community, a critical vulnerability has been identified in ConnectWise’s ScreenConnect software (specifically versions 23.9.7 and earlier). This software is a cornerstone for many Managed Service Providers (MSPs) allowing them to administer customer endpoints worldwide. It has been assigned the highest severity rating of CVSS 10, meaning that this vulnerability poses a direct threat to the security of tens of millions of endpoints, necessitating immediate and decisive action.

News

Cybersecurity Incident Strikes Aviation Industry

The aviation sector has once again found itself in the crosshairs of cybercriminal activities, with Willis Lease Finance Corporation, a stalwart in jet engine leasing, disclosing a significant cybersecurity breach. This incident marks a concerning development in the landscape of digital security within the aviation industry, shedding light on the vulnerabilities and the sophisticated nature of cyber threats faced by corporations today. Summary of What Has Happened: Willis Lease Finance Corporation reported unauthorized activity on its systems to the US Securities and Exchange Commission (SEC), discovered on January 31.

Tips

Top 5 Cybersecurity Tips for Black Friday and Cyber Monday

Black Friday and Cyber Monday traditionally mark the beginning of the Christmas shopping season. They are also a key time of year where you can scour the internet searching for discounts on your favourite brands. The increase in online shoppers makes it a prime opportunity for malicious actors such as scammers, phishers and identity thieves to take advantage of the flurry of online shoppers for their own malicious activities. At this time of year, it is paramount to do everything you can to protect your sensitive information and data from malicious criminals.

News

New Threat Actor "AeroBlade" Targets Aerospace Sector

The emergence of AeroBlade, a new and sophisticated cyber threat actor, has raised significant concerns within the U.S. aerospace sector. This group, identified by the BlackBerry Threat Research and Intelligence team, has launched targeted cyber espionage attacks, showcasing their evolving tactics and techniques. Summary of Events: AeroBlade’s operations began with a testing phase in September 2022, using spear-phishing emails with weaponised documents to penetrate corporate networks. These attacks escalated in complexity by July 2023, with the deployment of advanced reverse-shell payloads for data theft and reconnaissance.

News

Navigating the Aftermath of the Okta Data Breach

In the rapidly evolving landscape of cybersecurity, even leading companies are not immune to data breaches. A recent incident involving Okta, a prominent identity and access management company, highlights this reality. This blog post aims to provide a comprehensive overview of the Okta data breach that occurred in October 2023, detailing the events, the impact on users, and crucial steps for those affected to mitigate risks. Summary of What Has Happened: In October 2023, Okta disclosed a significant security breach in its customer support management system, commonly known as the Okta Help Center.

GRC

The Path to Operational Resilience: Key Considerations for Credit Unions

In a time where business disruptions and cybersecurity incidents are inevitable, operational resilience has become a prominent focus area for the Central Bank of Ireland (CBI). As a result, the CBI released Cross Industry Guidance on Operational Resilience in December 2021 and has given those in the financial services sector a maximum of two years to implement their guidance. By December 2023, all financial institutions will need to be able to demonstrate that their operational resilience strategies are aligned to the guidance.

News

Secora Consulting achieves ISO 27001:2017 and ISO 9001:2015 certification

Secora Consulting is proud to announce that we have successfully achieved ISO 27001:2017 and ISO 9001:2015 certification, reaffirming our commitment to quality and security management in our operations. What is ISO 27001? ISO 27001 is an internationally recognised standard which sets out the requirements for establishing, implementing and maintaining an Information Security Management System (ISMS). The aim of this is to help businesses keep one of their most critical assets, their information, secure.

GRC

ISO 27001 - 7 reasons why organisations are certifying to the standard

ISO 27001 (ISO/IEC 27001:2017) is an internationally recognised and widely adopted standard which outlines best practices and requirements for an organisation’s Information Security Management System (ISMS). The ISMS is designed to preserve the confidentiality, integrity and availability of information by applying a risk management process with the aim of assisting organisations in keeping their information secure. In other words, the standard assists in helping organisations protect their sensitive information including customer information, financial data and intellectual property from unauthorised access.

Testing

Going Mobile: The importance of Mobile Application Testing

Managing attack surfaces is no easy task - you can’t protect what you don’t know you have. Many businesses have their own stories of a pseudo-mythological Windows XP box that sits in the corner and makes everything run. But one of the areas that often escapes testing is our mobile apps. With more and more businesses bringing their services on the go, we take a look at why mobile application testing is important, and what Secora commonly identifies when testing.

Testing

External and Internal Testing: What's the Difference

Securing your organisation using policies and technical controls is critical; however, unless these controls and policies are regularly tested, an organisation cannot determine or monitor their effectiveness. It seems as though every week there is a new cyber attack reported that may affect just one organisation or multiple organisations simultaneously. The importance of penetration testing: Building strong security controls and processes is essential to building effective defences. By engaging in penetration testing, you can test and improve the controls and processes you already have in place to help build an effective and strong defence-in-depth cybersecurity posture.

GRC

Increase Your Credit Union's Cybersecurity Posture With Secora Consulting

Secora Consulting are delighted to be exhibiting at this year’s CUMA Spring Conference and AGM 2023. The event, titled Change 2023, will run from the 29th to the 30th of March in the Galway Bay Hotel, Galway. We welcome you to visit our team at Stand 56 to learn more about our services and how we can help you align with the Central Bank’s IT security expectations. In advance of the conference, we have put together our most popular services used by Credit Unions throughout Ireland.

PCI DSS

The Importance of Penetration Testing for PCI Compliance

Back in 2020, Secora Consulting released a blog post titled “The Importance of Penetration Testing for PCI DSS Compliance”. We decided recently that, given the release of the new PCI DSS v4.0, there was a good opportunity to give the guidance a refresh and discuss what has changed (and provide guidance on some areas that we often get queries about from our customers). A summary of what is different in PCI DSS v4.