Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

Cybersecurity Alert

High-Risk Vulnerability in Ivanti CSA Demands Immediate Patch Action

A critical security vulnerability, CVE-2024-8963, has been discovered in Ivanti’s Cloud Services Appliance (CSA) version 4.6 . The flaw, which has a high CVSS score of 9.4, was addressed incidentally in the patch released on September 10, 2024 (Patch 519). However, it remains a significant risk for organisations that have not yet applied this update. Understanding CVE-2024-8963 This vulnerability allows remote unauthenticated attackers to exploit the system by accessing restricted functionality.

News

This Week in Cybersecurity: Looking Back at Week 38

Hezbollah Pager Explosions Highlight Supply Chain Security Concerns A coordinated attack in Lebanon resulted in the explosion of pagers used by Hezbollah fighters, killing at least eight people, including a child, and injuring over 2,800. The detonations, which occurred simultaneously across the country, are being described as the “biggest security breach” in nearly a year of conflict with Israel. Security experts believe the explosions were part of a supply chain attack, where threat actors tampered with the hardware of the pagers before they were distributed.

Cyber Advisory

Is Your Organisation Ready for NIS2? Take Our Free Readiness Questionnaire

With the new NIS2 Directive set to impact businesses across multiple sectors, the need to enhance security and compliance has never been more pressing. But how confident are you that you’re fully prepared? Our NIS2 Readiness Questionnaire is here to help. This high-level questionnaire is designed to evaluate your current cybersecurity capabilities and uncover key areas for improvement. You’ll also receive a personalised score with actionable recommendations to enhance your security controls.

Vulnerability

Critical Vulnerabilities in Red Hat OpenShift Container Platform 4

Red Hat has recently disclosed two critical vulnerabilities in OpenShift Container Platform 4 that require urgent attention from affected organisations. The vulnerabilities, identified as CVE-2024-45496 and CVE-2024-7387, both have critical CVSS3.0 scores, highlighting their severity. CVE-2024-45496: Privilege Misuse in Build Process This flaw, with a CVSS score of 9.9, occurs due to the misuse of elevated privileges during the build process of OpenShift Container Platform. Specifically, the git-clone container is run with a privileged security context, granting unrestricted access to the node.

News

This Week in Cybersecurity: Looking Back at Week 37

Cyber Attack Hits German Air Traffic Control Agency The German air traffic control agency, Deutsche Flugsicherung (DFS), has confirmed a recent cyber attack that disrupted its office communications, though air traffic operations remained unaffected. The attack, suspected to be the work of the notorious hacker group APT28 (Fancy Bear), targeted the company’s IT infrastructure. APT28, closely linked to Russia’s military intelligence service GRU, has a long history of cyber attacks on critical infrastructure, government agencies, and political organisations across Europe and North America.

Cybersecurity Alert

Critical RCE Vulnerabilities in Veeam Backup and Replication and Veeam ONE Agent

Veeam has disclosed two critical vulnerabilities that pose significant risks to users of its Backup and Replication software and ONE Agent. These flaws, tracked as CVE-2024-40711 and CVE-2024-42024, could allow unauthenticated attackers to execute arbitrary code remotely, putting affected systems at risk. CVE-2024-40711 – Veeam Backup and Replication (CVSS: 9.8) This critical vulnerability, present in Veeam Backup and Replication versions 12.1.2.172 and earlier, allows remote code execution (RCE) via a deserialisation of untrusted data.