Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

Vulnerability

Zero Day Exploit: VMWare ESXi Auth Bypass Exploited by Ransomware Attackers

Microsoft has warned that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in cyber attacks. The vulnerability, tracked as CVE-2024-37085 , is a medium severity flaw (CVSS Score 5.3-6.8) which enables a new user to join an ‘ESX Admins’ group. The user will automatically be assigned full privileges on the ESXi hypervisor. Vulnerability Overview Broadcom explains that a malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host configured to use AD for user management by re-creating the default AD group “ESX Admins” after it has been deleted.

News

This Week in Cybersecurity: Looking Back at Week 30

CrowdStrike content update causes global IT outage On July 19th, over 8.5 million computers were compromised in what is now considered one of the most severe cyber incidents in history. The outage impacted a diverse array of industries, grounding flights, disrupting health services, and rendering payment systems inoperable. In the post-incident review, the company revealed that the crash was caused by a system bug that permitted “problematic content data” to bypass the validation process.

Vulnerability

Jetbrains Teamcity Vulnerability Under Active Exploitation

Following the recent disclosure on 3rd March 2024, malicious actors wasted no time launching sophisticated attacks targeting two critical vulnerabilities within the popular CI/CD platform, Jetbrains TeamCity. The vulnerabilities relate to authentication bypass which can allow an unauthorised user to perform administrative actions, marking a significant threat to the platform widely utilised for automating software builds, testing, and deployment processes. Examination of the Vulnerability Analysis of the Vulnerabilities A closer examination of CVE-2024-27198, with a CVSS rating of 9.

GRC

A look at the NIST Cybersecurity Framework 2.0

On 26th February 2024, NIST released a major update to its Cybersecurity Framework (CSF) which has been widely adopted by organisations to help them in managing and mitigating cyber risks over the past decade. The updates to the CSF (v2.0), are the result of years of discussions and public feedback, aimed at enhancing the framework’s utilisation and applicability across various sectors, and not just critical infrastructure. In this article, we will look at some of the big changes that have been incorporated into version 2.

Incident Response

Conducting Crisis Management Exercises Effectively

A crisis management exercise is a structured and simulated activity designed to test and enhance an organisation’s ability to respond effectively to crises or emergencies. These activities should not be typical check-the-box exercises, but rather a technique to prepare everyone for the worst by developing a resilient and prepared team. These exercises can help businesses transform hypothetical events into concrete strategies, allowing them to deal with incidents or crises confidently and successfully.

Cybersecurity Alert

Critical ConnectWise ScreenConnect RCE Vulnerability Exposed

In a significant development that is rippling through the cybersecurity community, a critical vulnerability has been identified in ConnectWise’s ScreenConnect software (specifically versions 23.9.7 and earlier). This software is a cornerstone for many Managed Service Providers (MSPs) allowing them to administer customer endpoints worldwide. It has been assigned the highest severity rating of CVSS 10, meaning that this vulnerability poses a direct threat to the security of tens of millions of endpoints, necessitating immediate and decisive action.