Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

Cyber Advisory

NIS2 Explained: How It Builds on NIS and What You Need to Know

The Network and Information Systems (NIS) Directive, introduced by the European Union in 2016, represented a major milestone in creating a unified cybersecurity framework across member states. However, with the rapid evolution of cyber threats and advancements in technology, the need for an update became clear. Enter NIS2 , the enhanced directive that comes into effect on 17th October 2024. In this blog post, we’ll delve into the key differences between NIS and NIS2, their implications for organisations, and the advantages of transitioning to the new directive.

Cybersecurity Alert

Red Hat Discloses Critical OpenPrinting CUPS Vulnerabilities Affecting RHEL

Red Hat has recently disclosed several critical vulnerabilities within OpenPrinting CUPS , an open-source printing system widely used across modern Linux distributions, including Red Hat Enterprise Linux (RHEL). These vulnerabilities (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177) pose a significant security risk, particularly if exploited in combination. Understanding the Vulnerabilities OpenPrinting CUPS is essential for managing, discovering, and sharing printers across Linux systems. However, if these vulnerabilities are exploited together, attackers could potentially achieve remote code execution, leading to the theft of sensitive data or damage to critical production systems.

News

This Week in Cybersecurity: Looking Back at Week 39

Enterprise Ireland and National Cyber Security Centre Launch Cyber Security Review Grant for SMEs Enterprise Ireland and the National Cyber Security Centre have introduced the Cyber Security Review Grant to help SMEs strengthen their online security against cyber threats. The grant covers 80% of project costs, up to €3,000, and offers businesses expert consultancy to assess and improve their cybersecurity practices. Funded through the EU’s NextGenerationEU program, the initiative is part of Ireland’s National Recovery and Resilience Plan aimed at promoting digital transformation.

Cybersecurity Alert

High-Risk Vulnerability in Ivanti CSA Demands Immediate Patch Action

A critical security vulnerability, CVE-2024-8963, has been discovered in Ivanti’s Cloud Services Appliance (CSA) version 4.6 . The flaw, which has a high CVSS score of 9.4, was addressed incidentally in the patch released on September 10, 2024 (Patch 519). However, it remains a significant risk for organisations that have not yet applied this update. Understanding CVE-2024-8963 This vulnerability allows remote unauthenticated attackers to exploit the system by accessing restricted functionality.

News

This Week in Cybersecurity: Looking Back at Week 38

Hezbollah Pager Explosions Highlight Supply Chain Security Concerns A coordinated attack in Lebanon resulted in the explosion of pagers used by Hezbollah fighters, killing at least eight people, including a child, and injuring over 2,800. The detonations, which occurred simultaneously across the country, are being described as the “biggest security breach” in nearly a year of conflict with Israel. Security experts believe the explosions were part of a supply chain attack, where threat actors tampered with the hardware of the pagers before they were distributed.

Cyber Advisory

Is Your Organisation Ready for NIS2? Take Our Free Readiness Questionnaire

With the new NIS2 Directive set to impact businesses across multiple sectors, the need to enhance security and compliance has never been more pressing. But how confident are you that you’re fully prepared? Our NIS2 Readiness Questionnaire is here to help. This high-level questionnaire is designed to evaluate your current cybersecurity capabilities and uncover key areas for improvement. You’ll also receive a personalised score with actionable recommendations to enhance your security controls.