Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

News

This Week in Cybersecurity: Looking Back at Week 41

Ivanti Warns of Active Exploits Targeting New Cloud Service Appliance Vulnerabilities Ivanti has identified three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its Cloud Service Appliance (CSA), which are actively being exploited. These flaws, found in CSA versions before 5.0.2, involve SQL injection, OS command injection, and path traversal attacks, all of which can be used by remote authenticated attackers with admin privileges. Threat actors are combining these vulnerabilities with a previously disclosed zero-day (CVE-2024-8963) to carry out sophisticated attacks.

Cyber Advisory

NIS2 Compliance: Key Steps to Ensure Readiness

As the European Union’s NIS2 Directive comes into force, businesses across critical sectors are under increasing pressure to bolster their cybersecurity defenses. This directive isn’t just another compliance box to tick—it’s a comprehensive framework that raises the stakes for network and information security across the board. In this blog, we provide essential steps to help ensure your organization is not only compliant but also resilient against evolving cyber threats. From governance and accountability to incident reporting and supply chain security, these steps will guide you through the process of protecting your business.

Cybersecurity Alert

MORE_EGGS Backdoor: A Growing Threat to Recruiters

A recent report by Trend Micro , highlights that attackers are leveraging the “MORE_EGGS” backdoor in a phishing campaign, primarily targeting recruitment platforms. These attackers compromise websites commonly used by recruiters to infect their devices, aiming to achieve financial gain. Overview The Trend Micro report details the technical aspects of the MORE_EGGS which is a JScript backdoor a part of Golden Chickens Malware-as-a-Service (MaaS) toolkit which is mainly used by threat actors such as FIN6 and the Cobalt Group.

News

This Week in Cybersecurity: Looking Back at Week 40

Critical Vulnerabilities Found in DrayTek Routers Forescout Research’s Vedere Labs has uncovered 14 critical vulnerabilities in DrayTek routers, affecting both residential and enterprise models. Among the most severe, one vulnerability received a maximum CVSS score of 10, while another scored 9.1. These security flaws could allow attackers to exploit routers for remote code execution (RCE), denial-of-service (DoS), and cross-site scripting (XSS). With over 700,000 exposed DrayTek routers globally, including many with public-facing web interfaces, this poses a significant risk to enterprise networks.

Cyber Advisory

NIS2 Explained: How It Builds on NIS and What You Need to Know

The Network and Information Systems (NIS) Directive, introduced by the European Union in 2016, represented a major milestone in creating a unified cybersecurity framework across member states. However, with the rapid evolution of cyber threats and advancements in technology, the need for an update became clear. Enter NIS2 , the enhanced directive that comes into effect on 17th October 2024. In this blog post, we’ll delve into the key differences between NIS and NIS2, their implications for organisations, and the advantages of transitioning to the new directive.

Cybersecurity Alert

Red Hat Discloses Critical OpenPrinting CUPS Vulnerabilities Affecting RHEL

Red Hat has recently disclosed several critical vulnerabilities within OpenPrinting CUPS , an open-source printing system widely used across modern Linux distributions, including Red Hat Enterprise Linux (RHEL). These vulnerabilities (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177) pose a significant security risk, particularly if exploited in combination. Understanding the Vulnerabilities OpenPrinting CUPS is essential for managing, discovering, and sharing printers across Linux systems. However, if these vulnerabilities are exploited together, attackers could potentially achieve remote code execution, leading to the theft of sensitive data or damage to critical production systems.