Latest News Articles



--- TLP:WHITE ---

News

− Justice Department Disrupts Covert Russian Government-Sponsored Foreign Malign Influence Operation Targeting Audiences in the United States and Elsewhere

Influence Operation Relied on Influencers, AI-Generated Content, Paid Social Media Advertisements, and Social Media Accounts to Drive Internet Traffic to Cybersquatted and Other Domains

https://www.justice.gov/opa/media/1366261/dl

− German Intelligence Accuses Russia’s GRU of Cyberattacks on NATO, EU States

Germany’s domestic intelligence agency (BfV) has warned that Russia’s GRU military intelligence service has been carrying out cyberattacks against NATO and European Union countries. The BfV said in a statement they are engaged in malicious activities targeting critical infrastructure globally, including in the United States.

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a

− Chinese hackers use new data theft malware in govt attacks

New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks.

https://www.trendmicro.com/en_us/research/24/i/earth-preta-new-malware-and-strategies.html

− Study Finds Excessive Use of Remote Access Tools in OT Environments

The excessive use of remote access tools in OT environments can increase the attack surface, complicate identity management, and hinder visibility.

https://web-assets.claroty.com/team82-secure-access-report.pdf

Vulnerabilities

− Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes

Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update.

https://www.securityweek.com/microsoft-says-windows-update-zero-day-being-exploited-to-undo-security-fixes/

− Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024.

https://thehackernews.com/2024/09/microsoft-issues-patches-for-79-flaws.html

− Ivanti Patches Critical Vulnerabilities in Endpoint Manager

Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control.

https://www.securityweek.com/ivanti-patches-critical-vulnerabilities-in-endpoint-manager/

− Critical Vulnerability in SonicWall SonicOS;

An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorised resource access and in specific conditions, causing the firewall to crash.

https://www.ncsc.gov.ie/pdfs/2409060147_SonicOS_Vuln.pdf

−Multiple vulnerabilities in IBM webMethods Integration

IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the underlying operating system.

https://www.ncsc.gov.ie/pdfs/2409090130_Multiple_vulns_in_IBM_webMethods_Integration.pdf

−Critical vulnerabilities in Veeam products

Veeam have disclosed a critical remote code execution (RCE) vulnerability tracked as CVE-2024-40711, affecting Veeam Backup and Replication. This flaw allows unauthenticated attackers to execute arbitrary code on vulnerable systems.

https://www.ncsc.gov.ie/pdfs/2409100130_Veeam_vulns.pdf

Community News

− General Scheme of the National Cyber Security Bill 2024

On 24 July 2024, the government gave its approval to the priority drafting of the National Cyber Security Bill 2024 in line with the General Scheme published below

https://www.gov.ie/en/publication/229af-general-scheme-of-the-national-cyber-security-bill-2024/

--- TLP:WHITE ---