Latest News Articles

--- TLP:WHITE ---

News

− A student pirating software led to a full-blown Ryuk ransomware attack

A student's attempt to pirate an expensive data visualization software led to a full-blown Ryuk ransomware attack at a European biomolecular research institute.

https://www.bleepingcomputer.com/news/security/a-student-pirating-software-led-to-a-full-blown-ryuk-ransomware-attack/

− Belgian Government, Parliament, Colleges Hit by Cyberattack

The company providing internet services for Belgium’s parliament, government agencies, universities and scientific institutions said Tuesday that its network was under cyberattack, with connections to s$ https://www.welivesecurity.com/2021/05/05/belgium-government-websites-offline-ddos-attack/


− Google wants to enable multi-factor authentication by default

Google strives to push all its users to start using two-factor authentication (2FA), which can block attackers from taking control of their accounts using compromised credentials or guessing their passwords.

https://www.bleepingcomputer.com/news/security/google-wants-to-enable-multi-factor-authentication-by-default/

Vulnerabilities

− Pulse Secure fixes VPN zero-day used to hack high-value targets

Pulse Secure has fixed a zero-day vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance that is being actively exploited to compromise the internal networks of defense firms and govt agencie$ https://blog.pulsesecure.net/pulse-connect-secure-patch-availability-sa44784/


Pulse Connect Secure RCE Vulnerability (CVE-2021-22893) 2021-05-04

A relevant patch for Pulse Connect Secure devices is now available, more information can be found in the Recommendations section below or at this link.

https://www.ncsc.gov.ie/pdfs/PulseVPN_200421_UPDATE.pdf

− Third Parties Caused Data Breaches at 51% of Organizations

New research highlights weaknesses in third-party remote access security.

https://www.securelink.com/research-reports/a-crisis-in-third-party-remote-access-security/

− Joint advisory: Further TTPs associated with SVR cyber actors

The NCSC-UK, CISA, FBI and NSA publish advice on detection and mitigation of SVR activity following the attribution of the SolarWinds compromise.

https://www.ncsc.gov.uk/news/joint-advisory-further-ttps-associated-with-svr-cyber-actors

Community News

− TI Series. 7th Session: The Pathway to a Successful Threat Intelligence Function

The Cyber Ireland Threat Intel Group aims to build the expertise within the Cyber Ireland community to develop Threat Intelligence capabilities through the sharing of knowledge and experiences at a strategic level. The Speaker will be Dr Jamie Collier. Register at the link below.

https://us02web.zoom.us/webinar/register/4016202052964/WN_HjPHbJfzS5i3nybu1oUNag

--- TLP:WHITE ---