Latest News Articles
--- TLP:WHITE ---
News
− Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What’s interesting is the difference in how organizations respond to threats and which technologies are helping reduce the costs associated with every IT team’s nightmare scenario.
https://thehackernews.com/2023/09/key-cybersecurity-tools-that-can.html− RFC 9424 Indicators of Compromise (IoCs) and Their Role in Attack Defence
This document reviews the fundamentals, opportunities, operational limitations, and recommendations for IoC use. It highlights the need for IoCs to be detectable in implementations of Internet protocols, tools, and technologies -- both for the IoCs' initial discovery and their use in detection -- and provides a foundation for approaches to operational challenges in network security.
https://www.rfc-editor.org/rfc/rfc9424.html− Under the radar: Ireland, maritime security capacity, and the governance of subsea infrastructure
This article will consider for the first time how a global connectivity hub on the western periphery of Europe governs critical underwater infrastructure. It will discuss the context and agencies involved in subsea cable governance in Ireland and identify the gaps in this protection before formulating suggestions for the long-term improvement of Ireland’s maritime security capacity.
https://www.tandfonline.com/doi/epdf/10.1080/09662839.2023.2248001?needAccess=true&role=buttonVulnerabilities
− China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF.
https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/− Dive into the Deep Sea: A View of the Subsea Cable Ecosystem
The European Union Agency for Cybersecurity (ENISA) publishes a report on the subsea cable ecosystem and highlights today’s major cybersecurity challenges.
https://www.enisa.europa.eu/news/dive-into-the-deep-sea-a-view-of-the-subsea-cable-ecosystemMultiple vulnerabilities identified in Juniper Network devices
Juniper Networks has released a software update that address vulnerabilities CVE-2023-36844, CVE- 2023-36845, CVE-2023-36846, and CVE-2023-36847. The vulnerabilities affect Junos OS on EX and SRX series devices respectively. By chaining exploitation of these vulnerabilities, an unauthenticated, network-based attacker may be able to remotely execute code on the devices
https://www.ncsc.gov.ie/pdfs/Multiple_vulnerabilities_identified_in_Juniper_Network_devices.pdfCommunity News
Cork Sec 123 -September 19, 2023
Simply put CorkSec is a monthly meetup (running since 2013) for anyone interested in Information Security in the Munster region (primarily Cork). Regardless of whether you identify yourself as an InfoSec Professional, a Hacker, a Researcher, a Student or just someone with an interest in breaking things to see how they work / stopping people breaking things to see how they work – all are welcome, and please invite your like-minded friends.
https://cyberireland.ie/ci-event/cork-sec-123/--- TLP:WHITE ---