Latest News Articles

--- TLP:WHITE ---

News

− DarkSide is Standing Down, But Its Affiliates Live On

DarkSide, the group behind the infamous ransomware used in the attack against Colonial Pipeline that caused a national panic and sent petrol prices soaring, stated on May 13 that they were immediately ceasing operations.

https://www.riskiq.com/blog/external-threat-management/darkside-affiliates/

− Why Not Always Multi-Factor Authentication?

MFA, which requires more than one method of authentication to verify identity, may not be the sexiest thing around, but with it in place, organizations can make it that much harder for attackers to accomplish their goals. So, why isn’t it more ubiquitous?

https://www.securityweek.com/why-not-always-multi-factor-authentication

− Working Virtually: Use multi-factor authentication to protect accounts; Part 2 of Security Summit tips for tax professionals

With heightened threats during COVID-19, the Internal Revenue Service and Security Summit partners today called on professionals to select multi-factor authentication options whenever possible to prevent identity thieves from gaining access.

https://www.irs.gov/newsroom/working-virtually-use-multi-factor-authentication-to-protect-accounts-part-2-of-security-summit-tips-for-tax-professionals

− Analysis Report: Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors are using phishing and other vectors to exploit poor cyber hygiene practices within a victims’ cloud services configuration. The information in this report is derived exclusively from several CISA incident response engagements

https://us-cert.cisa.gov/ncas/analysis-reports/ar21-013a

Vulnerabilities

− Ransomware Attack on Health Sector - UPDATE

On 14/05/21 the Health Service Executive (HSE) was impacted by a Ransomware attack which has affected multiple services on their network. The NCSC along with the HSE and partners are currently investigating this incident and an Incident Response process is ongoing.

https://www.ncsc.gov.ie/pdfs/HSE_Conti_140521_UPDATE.pdf

− RSAC: The Most Dangerous New Attack Techniques

Highlights from the final panel event of RSA Conference; The Top 5 Most Dangerous New Attack Techniques session.

https://www.infosecurity-magazine.com/news/rsac-most-dangerous-new-attack/

− RDP Hijacked for Lateral Movement in 69% of Attacks

According to a new report published by Sophos called the Active Adversary Playbook 2021, 90% of cyberattacks investigated by Sophos last year involved abuse of the Remote Desktop Protocol (RDP). Sophos states that 81% of these attacks featured ransomware.

https://news.sophos.com/en-us/2021/05/18/the-active-adversary-playbook-2021/

Community News

− Cyber Ireland Webinar Threat Intel Series: 7th Session

Join Jamie Coller on Wednesday 26th May to know more about the Pathway to a Successful Threat Intelligence Function as part of the TI Webinar Series.

https://us02web.zoom.us/webinar/register/4016202052964/WN_HjPHbJfzS5i3nybu1oUNag

− NIS Compliance Guidelines for Operators of Essential Service

The main objective of the NIS Directive is to ensure that there is a common high level security of network and information systems across Member States and as such, it requires Member States to take a number of significant measures with regard to Cyber Security. The measures required include the application of a set of binding network and information system security and incident reporting obligations to a wide range of critical infrastructure operators.

https://www.ncsc.gov.ie/pdfs/NIS_Compliance_Security_Guidelines_for_OES.pdf

--- TLP:WHITE ---