Latest News Articles

Below you will find a summary of some of the more interesting and relevant news articles concerning cyber security over the past week.

Alerts & Advisories

Below you will find NCSCs Alerts & Advisories on cyber security issues that may affect Ireland


14-12-23 Multiple Vulnerabilities in JetBrains TeamCity (Update)
14-12-23 Critical Vulnerability exists in Microsoft Windows (CVE-2023-35628)
13-12-23 Apache Struts: File Upload Component Directory Traversal Vulnerability (CVE-2023-50164)
07-12-23 SnakeYAML Library vulnerability impacts Atlassian products (CVE-2022-1471)
06-12-23 Critical RCE Vulnerability In Confluence Data Center and Confluence Server (CVE-2023-22522)
06-12-23 Critical Vulnerability in Atlassian Assets Discovery
01-12-23 Unitronics PLC devices under Active Exploitation
28-11-23 ownCloud - Multiple Critical Vulnerabilities
23-11-23 NCSC Seasonal Awareness Advisory 2023
21-11-23 Critical vulnerability in CrushFTP (CVE-2023-43177)
09-11-23 Atlassian Confluence Data Center and Server critical vulnerability (CVE-2023-22518)
03-11-23 NetScaler ADC and NetScaler Gateway (CVE-2023-4966, CVE-2023-4967)
02-11-23 Apache ActiveMQ RCE Vulnerability (CVE-2023-46604)
27-10-23 Critical severity F5 BIG-IP vulnerability (CVE-2023-46747)
17-10-23 Critical severity Cisco IOS vulnerability CVE-2023-20198
11-10-23 Vulnerabilities in NetScaler ADC and NetScaler Gateway
05-10-23 Critical vulnerability in Atlassian Confluence Data Center and Server
29-09-23 Multiple Vulnerabilities in WS_FTP
28-09-23 WebP_Vulnerability (CVE-2023-4863)
21-09-23 Multiple Vulnerabilities in JetBrains TeamCity
13-09-23 Vulnerability in remote access VPN feature of Cisco device software (CVE-2023-20269)
08-09-23 Actively exploited Apple OS Vulnerabilities
05-09-23 Multiple Vulnerabilities in Juniper network devices
08-08-23 Multiple Vulnerabilities in PaperCut NG/GF
25-07-23 Critical vulnerability in Ivanti EPMM - formerly MobileIron Core
23-07-23 Multiple RCE Vulnerabilities in Atlassian_products
18-07-23 NetScaler(Citrix) ADC and NetScaler Gateway Vulnerabilties
13-07-23 Citrix ShareFile vulnerability (CVE-2023-24489)
13-07-23 Fortinet Releases Security update for critical vulnerability (CVE-2023-33308)
06-07-23 Critical SQL Injection Vulnerability in MOVEit Transfer
21-06-23 National Cyber Risk Assessment
16-06-23 Critical Vulnerability in MOVEit Transfer (CVE-2023-35708)
13-06-23 Critical Vulnerability in FortiOS and FortiProxy SSL-VPN devices (CVE-2023-27997)
10-06-23 Critical SQL Injection Vulnerabilities in MOVEit Transfer
09-06-23 Exploitation of Barracuda Devices
02-06-23 Critical Vulnerability in MOVEit Transfer
26-05-23 Critical Vulnerabilities in Zyxel Firewalls
14-04-23 Critical Vulnerabilities in SAP Products
31-03-23 3CX Supply Chain Compromise
16-03-23 Microsoft Outlook and Smartscreen Vulnerabilities
08-03-23 Critical Vulnerabilities in FortiOS March 23
01-03-23 Critical Vulnerabilities in IBM Aspera Faspex
07-02-23 ESXi servers worldwide encrypted using (CVE-2021-21974)

13-12-22 Critical Vulnerabilities in Citrix Gateway and Citrix ADC (CVE-2022-27518)
13-12-22 Critical Vulnerabilities in Fortinet FortiOS sslvpnd (CVE-2022-42475) 13-12-22 Critical Vulnerabilities in Fortinet FortiOS sslvpnd (CVE-2022-42475)
08-11-22 Critical Vulnerabilities in Citrix Gateway and Citrix ADC
02-11-22 Vulnerabilities in OpenSSL
26-10-22 Critical Vulnerabilities in VMware Cloud Foundation Platform
07-10-22 Critical Vulnerabilities in FortiOS and FortiProxy (CVE-2022-40684)
30-09-22 Microsoft Exchange Server - Zero-Day Vulnerabilities (CVE-2022-41040, CVE-2022-41082)
26-08-22 Remote Command Execution via Github import
05-08-22 Cisco Small Business RV Series Routers Vulnerabilities
04-08-22 Multiple Vulnerabilities in VMware Products
11-07-22 Compromised WordPress Websites Distributing SolarMarker Malware
22-06-22 Changing Criminal Tactics in Response to Microsoft’s Blocking of Internet Macros
17-06-22 Vulnerabilities in Splunk Enterprise (CVE-2022-32157, CVE-2022-32158)
03-06-22 Critical Vulnerability in Confluence Server and Data Center CVE-2022-26134
30-05-22 Attackers Exploiting MSProtocol URI scheme
20-05-22 Actively Exploited Critical Vulnerabilities in VMware Products
13-05-22 Vulnerability in BIG-IP iControl REST Component (CVE-2022-1388)
19-04-22 Vulnerability in Cisco Wireless LAN Controller (CVE-2022-20695)
13-04-22 Multiple Critical Vulnerabilities in Microsoft Products
01-04-22 Critical Vulnerability in Java Spring Framework (CVE-2022-22965, Spring4Shell)
30-03-22 Targeting of Uninterruptible Power Supply Devices (UPS)
29-03-22 Remote Code Execution Vulnerability in Sophos Firewall CVE-2022-1040
16-03-22 Critical Vulnerabilities in Veeam Backup & Replication
17-02-22 Cyber Risk Assessment and Advice Regarding Ongoing Ukraine Situation
09-02-22 Critical Vulnerabilities in SAP Internet Communication Manager (ICM) - CVE-2022-22536, CVE-2022-22532, CVE-2022-22533
02-02-22 Critical Vulnerability in Samba - CVE-2021-44142

31-12-21 Critical Vulnerabilities in Apache Log4j library - CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832 - Update 5
24-12-21 Critical Vulnerabilities in Apache HTTPD Server - CVE-2021-44790, CVE-2021-44224
23-12-21 Critical Vulnerabilities in Apache Log4j library - CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105 Update 4
20-12-21 Critical Vulnerabilities in Apache Log4j library- CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105 Update 3
15-12-21 Critical Vulnerability in Apache Log4j library- CVE-2021-44228 Update 2
13-12-21 Critical Vulnerability in Apache Log4j library- CVE-2021-44228 Update
10-12-21 Critical Vulnerability in Apache Log4j library- CVE-2021-44228
09-12-21 Multiple Vulnerabilities in SonicWall SMA100 Series Appliances
18-11-21 Exploited Exchange Servers Leading to Ransomware
10-11-21 Microsoft November 2021 Security Updates
28-10-21 FluBot - New Android Text Message Scam Targeting Irish Users
08-10-21 Apache HTTP Server 2.4.49/50 Vulnerabilities
27-09-21 Conti Ransomware Guidance
24-09-21 SonicWall Vulnerability in SMA 100 Series Appliances
22-09-21 VMware vCenter Server Security Vulnerabilities
17-09-21 OMI Vulnerabilities within Azure VM Management Extensions
15-09-21 Microsoft MSHTML RCE Vulnerability CVE-2021-40444 - UPDATE
14-09-21 Apple Vulnerability
08-09-21 Microsoft MSHTML RCE Vulnerability CVE-2021-40444
08-09-21 Microsoft Exchange ProxyShell Vulnerability - UPDATE
07-09-21 Confluence Server Webwork OGNL injection
09-08-21 Microsoft Exchange ProxyShell Vulnerability
09-07-21 Microsoft Windows Print Spooler RCE Vulnerability-UPDATE
01-06-21 FluBot - Android Text Message Scam
26-05-21 VMware vCenter Server RCE & Authentication Vulnerabilities (CVE-2021-21985, CVE-2021-21986)
19-05-21 Pulse Connect Secure Buffer Overflow Vulnerability (CVE-2021-22908)
16-05-21 Ransomware Attack on HSE Network Update
14-05-21 Ransomware Attack on HSE Network 2021-05-14
04-05-21 Pulse Connect Secure RCE Vulnerability (CVE-2021-22893) Update
20-04-21 Pulse Connect Secure RCE Vulnerability (CVE-2021-22893)
14-04-21 Microsoft Exchange Server Vulnerabilities - April 2021
08-04-21 Cisco SD-WAN vManage Software Vulnerabilities
26-03-21 Critical Vulnerabilities in OpenSSL
11-03-2021 Critical Vulnerabilities in F5 products
10-03-2021 Critical Vulnerabilities in Microsoft Exchange Servers Update 2
25-02-2021 Unauthorised RCE in VMware vCenter & ESXi
10-02-2021 Windows TCP/IP Remote Code Execution & DoS Vulnerabilities
25-01-2021 SonicWall Vulnerability