Latest News Articles



--- TLP:WHITE ---

News

− Microsoft Exchange servers hacked in internal reply-chain attacks

Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails.

https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-in-internal-reply-chain-attacks/

− Vestas impacted by cyber security incident

Vestas has on 19 November 2021 been impacted by a cyber security incident. To contain the issue, IT systems are shut down across multiple business units and locations.

https://www.vestas.com/en/media/company-news/2021/vestas-impacted-by-cyber-security-incident-c3457473

− CYBERWARCON – Foreign influence operations grow up

Not long ago, disinformation campaigns were rather unsophisticated. These days, however, threat actors put serious time and effort into crafting their attacks.

https://www.welivesecurity.com/2021/11/19/cyberwarcon-foreign-influence-operations-grow-up/

− Defining the Criticality of RIPE NCC Services

We’ve been brainstorming on a process to determine the criticality level of our services, and we’d now like to ask the community for input on how we should approach this effort moving forward.

https://labs.ripe.net/author/felipe_victolla_silveira/defining-the-criticality-of-ripe-ncc-services/

Logging - part of a resilient cyber defence

Nobody can prevent security compromises of their IT systems. But with logging it is possible to go back and see what happened. The Danish Centre for Cybersecurity has published their guide for logging this week.

https://www.cfcs.dk/en/forebyggelse/guidance/logging/

Vulnerabilities

− Exploit released for Microsoft Exchange RCE bug, patch now

Proof-of-concept exploit code has been released online over the weekend for an actively exploited high severity vulnerability impacting Microsoft Exchange servers.

https://www.bleepingcomputer.com/news/security/exploit-released-for-microsoft-exchange-rce-bug-patch-n

− UK Gov warns thousands of SMBs their online stores were hacked

The UK's National Cyber Security Centre (NCSC) says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal the payment info of customers.

https://www.ncsc.gov.uk/news/guidance-for-retailers-to-prevent-websites-becoming-black-friday-cyber-traps

Seasonal Cyber Awareness

As we approach the Christmas period the NCSC would like to take this opportunity to remind people that this is a particularity active period for cyber criminals to take advantage of unsuspecting online shoppers.

https://www.ncsc.gov.ie/pdfs/Seasonal_Awareness.pdf

Community News

− NIS 2 (and the other EU regulation updates you need to know): November 2021

This is the latest in an ongoing series in which we give a brief overview of the most pertinent digital policies currently being proposed, debated and implemented in the European Union.

https://labs.ripe.net/author/suzanne_taylor_muzzin/nis-2-and-the-other-eu-regulation-updates-you-need-to-know-november-2021/

− Government agrees measures to enhance the security of electronic communications including 5G networks

Ireland is introducing new measures to enhance the security of electronic communications Antenna with bars. We’d like to hear from cybersecurity and telecommunications experts on the effectiveness of the proposed measures

https://www.gov.ie/en/press-release/71ff9-government-agrees-measures-to-enhance-the-security-of-electronic-communications-including-5g-networks/

--- TLP:WHITE ---