Latest News Articles

--- TLP:WHITE ---

News

− APT31 implicated in Cyber-Attack on Finnish Parliament

The Finnish Security and Intelligence Service announced that it had determined that the threat actor group APT31 was responsible for a cyber-espionage campaign that targeted the Finnish Parliament last fall. The APT group has links to the Chinese government, according to security companies Check Point and FireEye.

https://supo.fi/-/suojelupoliisi-tunnisti-eduskuntaan-kohdistuneen-kybervakoiluoperaation-apt31-ksi?languageId=en_US

− Two-Thirds of Large Firms Attacked as #COVID19 Hampers Security

A report on the UK government's Cyber Security Breaches Survey 2021 warns that malicious activity is going undetected.

https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2021/cyber-security-breaches-survey-2021

− Council of the EU adopts conclusions on the EU's cybersecurity strategy

The Council today adopted conclusions on the EU's cybersecurity strategy for the digital decade. This strategy was presented by the Commission and the high representative for foreign affairs in December 2020. It outlines the framework for EU action to protect EU citizens and businesses from cyber threats, promote secure information systems and protect a global, open, free and secure cyberspace.

https://www.consilium.europa.eu/en/press/press-releases/2021/03/22/cybersecurity-council-adopts-conclusions-on-the-eu-s-cybersecurity-strategy/

− 7 steps to staying safe and secure on Twitter from ESET

Follow these easy steps to prevent your Twitter account from being hacked and to remain safe while tweeting.

https://www.welivesecurity.com/2021/03/19/7-steps-staying-safe-secure-twitter/

Vulnerabilities

− Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online

Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks.

https://research.nccgroup.com/2021/03/18/rift-detection-capabilities-for-recent-f5-big-ip-big-iq-icontrol-rest-api-vulnerabilities-cve-2021-22986/

− Microsoft warns of phishing attacks bypassing email gateways

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways.

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-phishing-attacks-bypassing-email-gateways/

− CVE-2021-3450 (OpenSSL advisory) [High severity]

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. An error in the coding of a strict check allows a bypass.

https://www.openssl.org/news/vulnerabilities.html

− Critical Vulnerabilities in OpenSSL (CVE-2021-3450, CVE-2021-3449) 2021-03-26

NCSC has been made aware of two critical vulnerabilities affecting OpenSSL that require immediate patching where possible. CVE-2021-3450 affects the certificate chain and CVE-2021-3449 may result in a Denial of Service attack.

https://www.ncsc.gov.ie/pdfs/OpenSSL_260321.pdf

Community News

− One Year Later: Overcoming the Cybersecurity Challenges of a Remote Workforce

Organizations that are planning for a more permanent shift to remote work need to take critical steps to ensure their infrastructure can support employees regardless of location. This means instituting cloud-based solutions that improve cybersecurity postures and keep their networks safe.

https://www.eweek.com/news/one-year-later-overcoming-the-cybersecurity-challenges-of-a-remote-workforce/

--- TLP:WHITE ---