Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

GRC

A look at the NIST Cybersecurity Framework 2.0

On 26th February 2024, NIST released a major update to its Cybersecurity Framework (CSF) which has been widely adopted by organisations to help them in managing and mitigating cyber risks over the past decade. The updates to the CSF (v2.0), are the result of years of discussions and public feedback, aimed at enhancing the framework’s utilisation and applicability across various sectors, and not just critical infrastructure. In this article, we will look at some of the big changes that have been incorporated into version 2.

Incident Response

Conducting Crisis Management Exercises Effectively

A crisis management exercise is a structured and simulated activity designed to test and enhance an organisation’s ability to respond effectively to crises or emergencies. These activities should not be typical check-the-box exercises, but rather a technique to prepare everyone for the worst by developing a resilient and prepared team. These exercises can help businesses transform hypothetical events into concrete strategies, allowing them to deal with incidents or crises confidently and successfully.

Cybersecurity Alert

Critical ConnectWise ScreenConnect RCE Vulnerability Exposed

In a significant development that is rippling through the cybersecurity community, a critical vulnerability has been identified in ConnectWise’s ScreenConnect software (specifically versions 23.9.7 and earlier). This software is a cornerstone for many Managed Service Providers (MSPs) allowing them to administer customer endpoints worldwide. It has been assigned the highest severity rating of CVSS 10, meaning that this vulnerability poses a direct threat to the security of tens of millions of endpoints, necessitating immediate and decisive action.

News

Cybersecurity Incident Strikes Aviation Industry

The aviation sector has once again found itself at the crosshairs of cybercriminal activities, with Willis Lease Finance Corporation, a stalwart in jet engine leasing, disclosing a significant cybersecurity breach. This incident marks a concerning development in the landscape of digital security within the aviation industry, shedding light on the vulnerabilities and the sophisticated nature of cyber threats faced by corporations today. Summary of What Has Happened Willis Lease Finance Corporation reported unauthorized activity on its systems to the US Securities and Exchange Commission (SEC), discovered on January 31.

Tips

Top 5 Cybersecurity Tips for Black Friday and Cyber Monday

Black Friday and Cyber Monday traditionally mark the beginning of the Christmas shopping season. They are also a key time of year where you can scour the internet searching for discounts on your favourite brands. The increase in online shoppers makes it a prime opportunity for malicious actors such as scammers, phishers and identity thieves to take advantage of the flurry of online shoppers for their own malicious activities. At this time of year, it is paramount to do everything you can to protect your sensitive information and data from malicious criminals.

News

New Threat Actor "Aeroblade" Targets Aerospace Sector

The emergence of AeroBlade, a new and sophisticated cyber threat actor, has raised significant concerns within the U.S. aerospace sector. This group, identified by the BlackBerry Threat Research and Intelligence team, has launched targeted cyber espionage attacks, showcasing their evolving tactics and techniques. Summary of Events AeroBlade’s operations began with a testing phase in September 2022, using spear-phishing emails with weaponised documents to penetrate corporate networks. These attacks escalated in complexity by July 2023, with the deployment of advanced reverse-shell payloads for data theft and reconnaissance.