Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

SME Cybersecurity

Black Friday & Cyber Monday Cybersecurity Tips

Black Friday and Cyber Monday are two of the most anticipated shopping days, with millions of customers flocking online and in-store for deals. These high-traffic days offer significant sales opportunities, but they also attract cybercriminals aiming to exploit the increase in online activity. Cyber threats spike around these shopping events, and if your business isn’t prepared, you could be at risk for data breaches, phishing scams, and financial loss. To help you stay secure, we’ve put together essential cybersecurity tips to protect your business from Black Friday through Cyber Monday.

News

This Week in Cybersecurity: Looking Back at Week 46

Elevate Your Cybersecurity with NCSC’s Cyber Improvement Grant Critical Vulnerability in Palo Alto Networks’ Expedition Tool Exposes Admin Accounts to Takeover Microsoft Patch Tuesday for November 2024 Fixes 89 Vulnerabilities New Excel Malware Campaign Exploits .XLL Files for Stealthy Data Theft Clop Ransomware Exploits MOVEit Zero-Day Vulnerability Hackers Breach Schneider Electric, Expose Sensitive Corporate Data Growing Threat of SEO Poisoning and Malicious Ads in Google Search Results Google Vertex AI Vulnerabilities Expose Risks in Custom AI Model Deployment MOVEit Vulnerability Exposes Amazon Employee Data via Third-Party Breach Meta Faces €798 Million Fine in EU’s Largest Antitrust Action Yet Opera Browser Vulnerability Allows Exploits via Malicious Extensions Zoom Patches Critical Vulnerabilities Allowing Privilege Escalation and Data Leaks Misconfigured Microsoft Power Pages Sites Leave Millions of Records Exposed Elevate Your Cybersecurity with NCSC’s Cyber Improvement Grant The NCSC Cyber Improvement Grant, providing up to €60,000 in funding, helps businesses implement vital cybersecurity measures based on their initial Cyber Security Review.

Vulnerability

Maximising Your Cybersecurity with the NCSC Cyber Improvement Grant

Organisations that have taken advantage of Enterprise Ireland’s Cyber Security Review Grant have gained a comprehensive assessment of their cybersecurity posture, identified key vulnerabilities, and received a clear roadmap to strengthen their cybersecurity measures. After benefiting from this initial review, your organisation can move forward with the Cyber Improvement Grant to implement these recommendations. This follow-on grant is designed to elevate your organisation’s cybersecurity maturity by addressing and mitigating identified risks, fortifying your defences against potential cyber threats.

Cybersecurity Alert

Palo Alto Networks Expedition Vulnerability Puts Admin Accounts at Risk

In July 2024, a critical vulnerability, CVE-2024-5910, was identified in Palo Alto Networks’ Expedition tool. This vulnerability, which scores a 9.3 on the CVSS 3.0 scale, exposes Expedition to a significant risk of admin account takeover by unauthorised parties with network access to the tool. As organisations increasingly rely on automation tools like Expedition for configuration migration, tuning, and enrichment, this security flaw is one that affected users cannot afford to overlook.

News

This Week in Cybersecurity: Looking Back at Week 45

This week in the news: Cyberattack Disrupts SETU Waterford Campus, Forcing Class Cancellations Ireland’s NCSC Reports Successful Cybersecurity Efforts in 2023 Annual Update Pro-Russian Hackers Target UK Local Authorities in Cyber Attack Wave UK Businesses Face Mounting Supply Chain Cybersecurity Challenges New FakeCall Malware: A Sophisticated Threat to Android Users’ Financial Security Interpol’s Operation Synergia II Deals Major Blow to Global Cybercrime Windows Server 2025 Faces Critical Install and Blue Screen Issues Critical Zero-Click Vulnerability in Synology NAS Devices Emulated Linux Environment Used to Conceal Malicious Cyber Activity Critical Security Alert for Nvidia GeForce Users Cyberattack Disrupts SETU Waterford Campus, Forcing Class Cancellations South East Technological University’s Waterford (SETU) campus has been hit by a significant cyberattack, leading to the cancellation of classes and severe disruption of IT services.

Cyber Advisory

The Importance of Third-Party Cybersecurity Assessments

Cybersecurity risks don’t just come from within your organisation; they often arise from third-party vendors who manage essential services like cloud hosting, software development, and data storage. A single vulnerability in a vendor’s system can open the door for cybercriminals to access your sensitive data, potentially jeopardising your entire business. These risks make third-party cybersecurity assessments critical for safeguarding your operations and ensuring that your vendors meet the required security standards.