Latest News Articles
--- TLP:WHITE ---
News
− Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks
Dutch cybersecurity company EclecticIQ recently published a report on a phishing campaign targeting NATO-aligned countries. The threat actor used the open-source chat application Zulip for command-and-control and to disguise its activities behind genuine web traffic.
https://thehackernews.com/2023/08/russian-hackers-use-zulip-chat-app-for.htmlVulnerabilities
− Microsoft: Critical CODESYS Flaws Could Shut Down Power Plants
Microsoft researchers have identified multiple vulnerabilities that could enable threat actors to shut down power plants. There were 15 bugs discovered in the CODESYS software development kit (SDK), which is used to program and engineer programmable logic controllers in industrial operation technology (OT) systems.
https://www.microsoft.com/en-us/security/blog/2023/08/10/multiple-high-severity-vulnerabilities-in-codesys-v3-sdk-could-lead-to-rce-or-dos/− Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution
Ivanti has patched critical- and high-severity vulnerabilities with the latest release of Avalanche, its enterprise mobile device management solution.
https://www.securityweek.com/ivanti-patches-critical-vulnerability-in-avalanche-enterprise-mdm-solution/− Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning
Exploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its ‘must patch’ catalog.
https://www.securityweek.com/exploitation-of-citrix-sharefile-vulnerability-spikes-as-cisa-issues-warning/− Ivanti warns of new actively exploited MobileIron zero-day bug
US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild.
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-actively-exploited-mobileiron-zero-day-bug/Community News
− Cyber Ireland National Conference 2023
CINC is Cyber Ireland’s flagship event where leaders and professionals across industry, academia and government come together each year. In association with Cyber Ireland’s West Chapter and ITAG Cyber Forum, we are hosting CINC23 in Galway. This year’s theme is ‘Securing our resilient digital future’. It will examine what Ireland’s cyber security ecosystem, which contributes over €1 billion to the Irish economy annually, must do today to ensure a safe, democratic cyberspace in ten years’ time.
https://cyberireland.ie/ci-event/cyber-ireland-national-conference-twentythree/− SFI Public Service Fellowship Programme
The SFI Public Service Fellowship is an initiative from SFI that offers researchers a unique opportunity to be temporarily seconded to Government Departments and Agencies (Host Organisations), including the NCSC, to work on specific projects where they can add value resulting in mutually beneficial outcomes.
https://www.sfi.ie/funding/funding-calls/public-service-fellowship/index.xml--- TLP:WHITE ---