Latest News Articles

--- TLP:WHITE ---

News

− All Eyes on PCAP: The Gold Standard of Traffic Analysis

PCAP Enables Defenders to See and Capture Exactly What Has Happened Across a Network, But Comes With Challenges.

https://www.securityweek.com/all-eyes-pcap-gold-standard-traffic-analysis

− Ransomware Attacks Grew by 485% in 2020

Report assesses how cyber-criminals have exploited the COVID-19 crisis.

https://www.bitdefender.com/files/News/CaseStudies/study/395/Bitdefender-2020-Consumer-Threat-Landscape-Report.pdf

− Facebook data leak now under EU data regulator investigation

Ireland's Data Protection Commission (DPC) is investigating a massive data leak concerning a database containing personal information belonging to more than 530 million Facebook users.

https://www.bleepingcomputer.com/news/security/facebook-data-leak-now-under-eu-data-regulator-investigation/

Vulnerabilities

− Federal agencies say criminals are likely exploiting critical Fortinet VPN vulnerabilities

Joint advisory from CISA and FBI states that criminal groups are likely exploiting critical Fortinet VPN vulnerabilities.

https://us-cert.cisa.gov/ncas/current-activity/2021/04/02/fbi-cisa-joint-advisory-exploitation-fortinet-fortios

− Threat Spotlight: The geography and network characteristics of phishing attacks

The country where emails originate and the number of countries they are routed through on the way to their final destination offer warning signs of phishing attacks.

https://blog.barracuda.com/2021/04/07/threat-spotlight-geography-network-characteristics-phishing/

− Ransomware crooks are targeting vulnerable VPN devices in their attacks

Researchers at Kaspersky detail how hackers were able to get hands-on and compromise a whole network with Cring ransomware.

https://ics-cert.kaspersky.com/reports/2021/04/07/vulnerability-in-fortigate-vpn-servers-is-exploited-in-cring-ransomware-attacks/

− CISA releases tool to review Microsoft 365 post-compromise activity

The Cybersecurity and Infrastructure Security Agency (CISA) has released a companion Splunk-based dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments.

https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-review-microsoft-365-post-compromise-activity/

− NCSC-IE Alert: Cisco SD-WAN vManage Software Vulnerabilities (CVE-2021-1137, CVE-2021-1479, CVE-2021-1480)

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system.

https://www.ncsc.gov.ie/pdfs/CiscoSD-WAN_080421.pdf

Community News

− ENISA: Procurement Guidelines for Cybersecurity in Hospitals: New Online tool for a Customised Experience

The new tool helps healthcare organisations identify best practices in order to meet cybersecurity needs when procuring products or services.

https://www.enisa.europa.eu/news/enisa-news/procurement-guidelines-for-cybersecurity-in-hospitals-new-online-tool-for-a-customised-experience

--- TLP:WHITE ---