Latest News Articles



--- TLP:WHITE ---

News

− China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks

Alleged intrusion spotted in June. Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators.

https://www.straitstimes.com/singapore/data-on-some-129000-singtel-customers-stolen-in-hack-on-third-party-system

− China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait

The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking crew has targeted an organization in the region. "During this attack, the threat actor used as a lure the upcoming World Expo, which will be held in 2025 in Osaka,

https://www.welivesecurity.com/en/eset-research/eset-apt-activity-report-q2-2024-q3-2024/

− Microsoft Confirms Zero-Day Exploitation of Task Scheduler Flaw

Patch Tuesday: Microsoft patches 90 security flaws across the Windows ecosystem, warns of zero-day exploitation and code execution risks.

https://www.securityweek.com/microsoft-confirms-zero-day-exploitation-of-task-scheduler-flaw/

Vulnerabilities

− Many Legacy D-Link NAS Devices Exposed to Remote Attacks via Critical Flaw

D-Link warns of a critical-severity command injection vulnerability impacting multiple discontinued NAS models.

https://nvd.nist.gov/vuln/detail/CVE-2024-10914

− Critical vulnerability exists in Palo Alto Networks Expedition

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.

https://www.ncsc.gov.ie/pdfs/2411110171_Crit_Vuln_Palo_Alto_Expedition.pdf

− Critical vulnerability exists in Cisco Firepower Threat Defense

This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. Successful exploitation could allow an unauthenticated, local attacker to access an affected system using static credentials.

https://www.ncsc.gov.ie/pdfs/2411110189_Crit_vuln_Cisco_Firepower_Threat_Defense.pdf

Community News

− National Cyber Security Annual Update 2023

This year marks the inaugural publication of a National Cyber Security Annual Update, an initiative born out of the public consultation at the Mid-Term point of the National Cyber Security Strategy. The National Cyber Security Annual Update provides a broad overview of the vast work that was carried out across Government in 2023. The Update contains inputs from the Department of the Environment, Climate and Communications, the National Cyber Security Centre, An Garda Síochána, the Defence Forces, and the Department of Foreign Affairs. The compilation of these updates offers a comprehensive outline of the work and developments in Ireland in the realm of cyber security.

https://www.gov.ie/en/publication/a7188-national-cyber-security-annual-update-2023/

