Latest News Articles

Below you will find a summary of some of the more interesting and relevant news articles concerning cyber security over the past week.

Alerts & Advisories

Below you will find NCSCs Alerts & Advisories on cyber security issues that may affect Ireland


28-11-24 Vulnerabilities exist in Oracle Corporation: Oracle Agile PLM Framework (CVE-2024-21287)
22-11-24 Critical Vulnerability Exists In Cobbler Server (CVE-2024-47533)
21-11-24 Palo Alto Networks PAN-OS, Authentication Bypass in the Management Web Interface (CVE-2024-0012)
19-11-24 Multiple Critical Vulnerabilities in Ivanti EPM (UPDATE)
11-11-24 Critical vulnerability in Cisco Firepower Threat Defense Software (CVE-2024-20412)
11-11-24 Critical vulnerability in Palo Alto Networks Expedition (CVE-2024-5910)
01-11-24 Critical Vulnerability in Fortinet FortiManager (Update)
22-10-24 Security Vulnerability fixed in Firefox, Firefox ESR and Thunderbird (CVE-2024-9680)
10-10-24 Critical vulnerability in SAP BusinessObjects Business Intelligence Platform
26-09-24 Critical Vulnerabilities in Red Hat Enterprise Linux OpenPrinting CUPS
20-09-24 Critical vulnerabiity in Ivanti CSA (Cloud Services Appliance) (CVE-2024-8963)
19-09-24 Critical Vulnerabilities in VMware Cloud Foundation & VMware vCenter Server
17-09-24 Critical Vulnerabilities in Red Hat OpenShift Container Platform 4
13-09-24 Multiple Critical Vulnerabilities in Ivanti EPM
10-09-24 Critical vulnerabilities in Veeam products
09-09-24 Multiple vulnerabilities in IBM webMethods Integration
06-09-24 Critical Vulnerability in SonicWall SonicOS
02-09-24 Critical Google Chromium V8 Type Confusion Vulnerability
23-08-24 WhatsApp Verification Code Scam
22-08-24 Critical Vulnerability exists in LiteSpeed Technologies LiteSpeed Cache Wordpress Plugin
19-08-24 Critical Vulnerability exists in Palo Alto Networks Cortex XSOAR CommonScripts (CVE-2024-5914)
14-08-24 Critical Vulnerability exists in Ivanti Virtual Traffic Manager (vTM)
14-08-24 Critical Microsoft Vulnerabilities including Windows TCP/IP Remote Code Execution Vulnerability
02-08-24 Critical Vulnerabilities in Apple Mobile & Smart Devices Operating Systems
31-07-24 Critical Vulnerabilities in ServiceNow Now Platform
30-07-24 High severity vulnerability in Progress MOVEit
19-07-24 CrowdStrike BSOD Loop Issue
18-07-24 Critical Vulnerability exists in Adobe Commerce - CVE-2024-34102
18-07-24 Critical Vulnerability exists in Cisco Secure Email - CVE-2024-20401
18-07-24 Critical Vulnerability exists in Cisco Smart Software Manager On-Prem - CVE-2024-20419
18-07-24 Critical Vulnerability exists in SolarWinds SolarWinds Serv-U - CVE-2024-28995
11-07-24 Critical vulnerability in Microsoft Office - CVE-2024-38021
10-07-24 Vulnerabilities in Citrix Application Delivery Management Products
09-07-24 Critical Vulnerability in GeoServer - CVE-2024-36401
01-07-24 Critical Vulnerability in Juniper Networks products - CVE-2024-2973
01-07-24 Critical Vulnerability in OpenSSH
28-06-24 Critical Vulnerability exists in VMware ESXi
27-06-24 Progress MOVEit Vulnerability
19-06-24 Critical Vulnerabilities in VMware vCenter Server
05-06-24 Vulnerability in Check Point Quantum Products (Update)
09-05-24 Critical Vulnerability in Veeam Service Provider Console
02-05-24 Critical Vulnerability in Veritas NetBackup on Windows
05-04-24 Multiple Vulnerabilities in Cisco ASA and FTD
24-04-24 Critical Vulnerability in CrushFTP
18-04-24 Critical Vulnerability in PuTTY SSH Client
17-04-2024 Critical OS Command Injection Vulnerability in GlobalProtect Gateway (Update)
05-04-24 Multiple Vulnerabilities Disclosed in Ivanti Products
29-03-2024 Critical Vulnerability in XZ Utils
26-03-24 Vulnerability in the PostgreSQL JDBC Driver
21-03-24 Multiple Vulnerabilities Discovered Within Ivanti Products
20-03-24 Critical Vulnerabilities in Fortinet FortiOS (Update)
15-03-24 Critical Vulnerabilities in FortiOS, FortiProxy
05-03-24 Critical Security Issues Affecting JetBrains TeamCity
22-02-24 Critical and high vulnerabilities in ConnectWise - ScreenConnect (Update)
14-02-24 Critical vulnerability in Microsoft Outlook 2016
09-02-24 XXE Vulnerability affecting Ivanti Devices
01-02-24 Multiple Vulnerabilities discovered within Ivanti Products (Update)
26-01-24 Cisco Unified Communications Products Remote Code Execution Vulnerability (CVE-2024-20253)
26-01-24 Critical Vulnerability exists in Jenkins Project Jenkins (CVE-2024-23897)
24-01-24 Critical Vulnerability exists in Atlassian Confluence Data Center and Confluence Server (CVE-2023-22527)
24-01-24 Critical Vulnerability in Fortra GoAnywhere MFT
12-01-24 Critical Vulnerability in Juniper Networks Junos OS

14-12-23 Multiple Vulnerabilities in JetBrains TeamCity (Update)
14-12-23 Critical Vulnerability exists in Microsoft Windows (CVE-2023-35628)
13-12-23 Apache Struts: File Upload Component Directory Traversal Vulnerability (CVE-2023-50164)
07-12-23 SnakeYAML Library vulnerability impacts Atlassian products (CVE-2022-1471)
06-12-23 Critical RCE Vulnerability In Confluence Data Center and Confluence Server (CVE-2023-22522)
06-12-23 Critical Vulnerability in Atlassian Assets Discovery
01-12-23 Unitronics PLC devices under Active Exploitation
28-11-23 ownCloud - Multiple Critical Vulnerabilities
23-11-23 NCSC Seasonal Awareness Advisory 2023
21-11-23 Critical vulnerability in CrushFTP (CVE-2023-43177)
09-11-23 Atlassian Confluence Data Center and Server critical vulnerability (CVE-2023-22518)
03-11-23 NetScaler ADC and NetScaler Gateway (CVE-2023-4966, CVE-2023-4967)
02-11-23 Apache ActiveMQ RCE Vulnerability (CVE-2023-46604)
27-10-23 Critical severity F5 BIG-IP vulnerability (CVE-2023-46747)
17-10-23 Critical severity Cisco IOS vulnerability CVE-2023-20198
11-10-23 Vulnerabilities in NetScaler ADC and NetScaler Gateway
05-10-23 Critical vulnerability in Atlassian Confluence Data Center and Server
29-09-23 Multiple Vulnerabilities in WS_FTP
28-09-23 WebP_Vulnerability (CVE-2023-4863)
21-09-23 Multiple Vulnerabilities in JetBrains TeamCity
13-09-23 Vulnerability in remote access VPN feature of Cisco device software (CVE-2023-20269)
08-09-23 Actively exploited Apple OS Vulnerabilities
05-09-23 Multiple Vulnerabilities in Juniper network devices
08-08-23 Multiple Vulnerabilities in PaperCut NG/GF
25-07-23 Critical vulnerability in Ivanti EPMM - formerly MobileIron Core
23-07-23 Multiple RCE Vulnerabilities in Atlassian_products
18-07-23 NetScaler(Citrix) ADC and NetScaler Gateway Vulnerabilties
13-07-23 Citrix ShareFile vulnerability (CVE-2023-24489)
13-07-23 Fortinet Releases Security update for critical vulnerability (CVE-2023-33308)
06-07-23 Critical SQL Injection Vulnerability in MOVEit Transfer
21-06-23 National Cyber Risk Assessment
16-06-23 Critical Vulnerability in MOVEit Transfer (CVE-2023-35708)
13-06-23 Critical Vulnerability in FortiOS and FortiProxy SSL-VPN devices (CVE-2023-27997)
10-06-23 Critical SQL Injection Vulnerabilities in MOVEit Transfer
09-06-23 Exploitation of Barracuda Devices
02-06-23 Critical Vulnerability in MOVEit Transfer
26-05-23 Critical Vulnerabilities in Zyxel Firewalls
14-04-23 Critical Vulnerabilities in SAP Products
31-03-23 3CX Supply Chain Compromise
16-03-23 Microsoft Outlook and Smartscreen Vulnerabilities
08-03-23 Critical Vulnerabilities in FortiOS March 23
01-03-23 Critical Vulnerabilities in IBM Aspera Faspex
07-02-23 ESXi servers worldwide encrypted using (CVE-2021-21974)

13-12-22 Critical Vulnerabilities in Citrix Gateway and Citrix ADC (CVE-2022-27518)
13-12-22 Critical Vulnerabilities in Fortinet FortiOS sslvpnd (CVE-2022-42475) 13-12-22 Critical Vulnerabilities in Fortinet FortiOS sslvpnd (CVE-2022-42475)
08-11-22 Critical Vulnerabilities in Citrix Gateway and Citrix ADC
02-11-22 Vulnerabilities in OpenSSL
26-10-22 Critical Vulnerabilities in VMware Cloud Foundation Platform
07-10-22 Critical Vulnerabilities in FortiOS and FortiProxy (CVE-2022-40684)
30-09-22 Microsoft Exchange Server - Zero-Day Vulnerabilities (CVE-2022-41040, CVE-2022-41082)
26-08-22 Remote Command Execution via Github import
05-08-22 Cisco Small Business RV Series Routers Vulnerabilities
04-08-22 Multiple Vulnerabilities in VMware Products
11-07-22 Compromised WordPress Websites Distributing SolarMarker Malware
22-06-22 Changing Criminal Tactics in Response to Microsoft’s Blocking of Internet Macros
17-06-22 Vulnerabilities in Splunk Enterprise (CVE-2022-32157, CVE-2022-32158)
03-06-22 Critical Vulnerability in Confluence Server and Data Center CVE-2022-26134
30-05-22 Attackers Exploiting MSProtocol URI scheme
20-05-22 Actively Exploited Critical Vulnerabilities in VMware Products
13-05-22 Vulnerability in BIG-IP iControl REST Component (CVE-2022-1388)
19-04-22 Vulnerability in Cisco Wireless LAN Controller (CVE-2022-20695)
13-04-22 Multiple Critical Vulnerabilities in Microsoft Products
01-04-22 Critical Vulnerability in Java Spring Framework (CVE-2022-22965, Spring4Shell)
30-03-22 Targeting of Uninterruptible Power Supply Devices (UPS)
29-03-22 Remote Code Execution Vulnerability in Sophos Firewall CVE-2022-1040
16-03-22 Critical Vulnerabilities in Veeam Backup & Replication
17-02-22 Cyber Risk Assessment and Advice Regarding Ongoing Ukraine Situation
09-02-22 Critical Vulnerabilities in SAP Internet Communication Manager (ICM) - CVE-2022-22536, CVE-2022-22532, CVE-2022-22533
02-02-22 Critical Vulnerability in Samba - CVE-2021-44142