Latest News Articles



--- TLP:WHITE ---

News

− New Mustang Panda campaign targets Europe This week, Cisco Talos Intelligence Group reported that they had discovered a new attack campaign

This week, Cisco Talos Intelligence Group reported that they had discovered a new attack campaign perpetrated by the threat actor Mustang Panda, also known as Bronze President, RedDelta, and TA416. The group focuses primarily on Europe when conducting its espionage attacks.

http://blog.talosintelligence.com/2022/05/mustang-panda-targets-europe.html

− UK Gov releases free tool to check for email cybersecurity risks

The United Kingdom's National Cyber Security Centre (NCSC) today released a new email security check service to help organizations easily identify vulnerabilities that could allow attackers to spoof emails or can lead to email privacy breaches.

https://www.bleepingcomputer.com/news/security/uk-govt-releases-free-tool-to-check-for-email-cybersecurity-risks/

− NIST updates guidance for cybersecurity supply chain risk management

The National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks throughout the supply chain.

https://www.helpnetsecurity.com/2022/05/06/cybersecurity-supply-chain-risk/

Vulnerabilities

− Remote Code Execution Vulnerability in iControl REST Component F5 BIG-IP

A critical vulnerability, CVE-2022-1388, allowing remote code execution has been identified in the iControl REST component of F5 BIG-IP products. This vulnerability was announced in a security advisory by F and was discovered internally. The NCSC has been made aware of mass scanning for vulnerable systems and the exploitation of systems in the wild.

https://www.ncsc.gov.ie/pdfs/BIG_IP_RCE_130522.pdf

− Government Agencies Warn of Increase in Cyberattacks Targeting MSPs

Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory warning of threats targeting managed service providers (MSPs) and their customers.

https://www.cisa.gov/uscert/ncas/current-activity/2022/05/11/cisa-joins-partners-release-advisory-protecting-msps-and-their

Community News

− European Commission has opened public consultation on new legislation on the cybersecurity of digital products and services.

The European Commission seeks to establish common cybersecurity rules for digital products and associated services that are placed on the market across the European Union. The Commission invites stakeholders such as operators and users of both enterprise facing and consumer facing products and services to express views on the policy interventions proposed.

https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/13410-Cyber-resilience-act-new-cybersecurity-rules-for-digital-products-and-ancillary-services/public-consultation_en

− ‘State of the Cyber Security Sector in Ireland’ Report has been formally launched

Cyber Ireland are delighted to announce that the inaugural ‘State of the Cyber Security Sector in Ireland’ Report has been formally launched by Mr Ossian Smyth, Minister of State at the Department of Public Expenditure and Reform. For the first time, the Irish cyber security community have an in-depth analysis of the sector, its contribution to Ireland’s economy and the potential opportunities for its future. The report is an economic baseline for the sector and will form the basis of subsequent recommendations and policies within Cyber Ireland.

https://cyberireland.ie/state-of-the-cyber-security-sector-in-ireland-2022/

--- TLP:WHITE ---