Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

News

This Week in Cybersecurity: Looking Back at Week 32

Ireland Unveils National Cyber Emergency Plan to Strengthen Response to Cyber Threats

This week, Ireland published its National Cyber Emergency Plan (NCEP), developed through extensive public and private sector engagement and lessons from recent cyber exercises and the 2021 HSE ransomware attack. The NCEP details the process for declaring and managing a National Cyber Emergency, outlining clear roles and responsibilities. It incorporates flexible response strategies for diverse cyber incidents through three cooperation modes:

Vulnerability

Zero Day Exploit: Critical Vulnerability in Apache OFBiz

A zero-day pre-authentication remote code execution vulnerability, identified as CVE-2024-38856, has been discovered in the Apache OFBiz open-source enterprise resource planning (ERP) system. This critical flaw could allow threat actors to execute remote code on affected instances, posing significant risks to businesses relying on this software.

Vulnerability Overview

Vulnerability Type: Zero-day pre-authentication remote code execution

CVSS Score: 9.8/10

Affected Versions: Apache OFBiz versions prior to 18.12.15

The vulnerability stems from a flaw in the authentication mechanism of Apache OFBiz.

News

This Week in Cybersecurity: Looking Back at Week 31

Average cost of a data breach rises to €4.5m

According to IBM’s annual ‘Cost of a Data Breach Report,’ the average cost of data breaches globally has risen to €4.49 million this year, marking a significant 10% increase year-over-year — the largest since the pandemic began. The report reveals that 70% of breached organisations experienced significant disruptions, with lost business and post-breach customer and third-party response costs contributing heavily to the financial impact.

Vulnerability

Zero Day Exploit: VMware ESXi Auth Bypass Exploited by Ransomware Attackers

Microsoft has warned that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in cyber attacks. The vulnerability, tracked as CVE-2024-37085, is a medium severity flaw (CVSS Score 5.3-6.8) which enables a new user to join an ‘ESX Admins’ group. The user will automatically be assigned full privileges on the ESXi hypervisor.

Vulnerability Overview

Broadcom explains that a malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host configured to use AD for user management by re-creating the default AD group “ESX Admins” after it has been deleted.

News

This Week in Cybersecurity: Looking Back at Week 30

CrowdStrike content update causes global IT outage

On July 19th, over 8.5 million computers were compromised in what is now considered one of the most severe cyber incidents in history. The outage impacted a diverse array of industries, grounding flights, disrupting health services, and rendering payment systems inoperable. In the post-incident review, the company revealed that the crash was caused by a system bug that permitted “problematic content data” to bypass the validation process.

Vulnerability

JetBrains TeamCity Vulnerability Under Active Exploitation

Following the recent disclosure on 3rd March 2024, malicious actors wasted no time launching sophisticated attacks targeting two critical vulnerabilities within the popular CI/CD platform, JetBrains TeamCity. The vulnerabilities relate to an authentication bypass which can allow an unauthorised user to perform administrative actions, marking a significant threat to the platform widely utilised for automating software builds, testing, and deployment processes.

Examination of the Vulnerability

Analysis of the Vulnerabilities

A closer examination of CVE-2024-27198, with a CVSS rating of 9.