Latest News Articles



--- TLP:WHITE ---

News

− Ransomware attacks doubled year on year. Are organisations equipped to handle the evolution of Ransomware in 2023?

Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to bypass common defense strategies effectively.

https://labs.cyble.com/q3-2023-ransomware-report

− Signal says there is no evidence rumored zero-day bug is real

Signal messenger has investigated rumors spreading online over the weekend of a zero-day security vulnerability related to the 'Generate Link Previews' feature, stating that there is no evidence this vulnerability is real.

https://www.bleepingcomputer.com/news/security/signal-says-there-is-no-evidence-rumored-zero-day-bug-is-real/

− CEDMO Special Brief on the Parliamentary Elections in Poland

Every three months, Central European Digital Media Observatory provides a concise overview of verified disinformation narratives in the region. Briefs summarise the work of fact-checking organisations within CEDMO.

https://cedmohub.eu/fact-checking/fact-checking-briefs/

Vulnerabilities

− Critical severity Cisco IOS vulnerability under active exploitation

Cisco has released an advisory stating that a previously unknown vulnerability in the web UI of Cisco IOS XE software is under active exploitation.

https://www.ncsc.gov.ie/pdfs/17-10-23_Critical_severity_Cisco_IOS_vulnerability_CVE-2023-20198.pdf

− CISA shares vulnerabilities and misconfigs used by ransomware gangs

Ransomware Vulnerability Warning Pilot updates: Now a One-stop Resource for Known Exploited Vulnerabilities and Misconfigurations Linked to Ransomware.

https://www.cisa.gov/news-events/news/ransomware-vulnerability-warning-pilot-updates-now-one-stop-resource-known-exploited-vulnerabilities

− DarkGate Operator Uses Skype, Teams Messages to Distribute Malware

A threat actor is using compromised Skype and Microsoft Teams accounts to distribute DarkGate, a troublesome loader associated with multiple malicious activities, including information theft, keylogging, cryptocurrency miners, and ransomware. According to researchers at Trend Micro, forty-one percent of the targets of the campaign are organisations in the Americas.

https://www.trendmicro.com/en_us/research/23/j/darkgate-opens-organisations-for-attack-via-skype-teams.html

− Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks

CISA, FBI, and MS-ISAC strongly encourage network administrators to immediately apply the upgrades provided by Atlassian. CISA, FBI, and MS-ISAC also encourage organisations to hunt for malicious activity on their networks using the detection signatures and indicators of compromise (IOCs).

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-289a

− Widespread Cisco IOS XE Implants in the Wild

CVE-2023-20198 appears to have been widely exploited to install implants on Cisco IOS XE systems. VulnCheck performed an internet scan and found thousands of implanted hosts. VulnCheck released a scanner to detect the implant on affected devices.

https://vulncheck.com/blog/cisco-implants

Community News

− Consultative Forum on International Security Policy: Chair's Report

The report offers an introduction to the Consultative Forum on International Security Policy, convened to launch a national conversation on Irish foreign, defence, and security policy in light of the changing geopolitical environment and new and emerging threats to the nation’s security.

https://assets.gov.ie/273986/92ca4e92-9015-4a32-9fa1-206ed6df3ba9.pdf

--- TLP:WHITE ---