Blog

The latest news and developments

Explore a blend of security news, industry developments, and in-depth technical analysis of our services on Secora Consulting's blog. Bookmark this page to stay informed.

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

Critical Vulnerability

JetBrains TeamCity Vulnerability Under Active Exploitation

Following the recent disclosure on 3rd March 2024, malicious actors wasted no time launching sophisticated attacks targeting two critical vulnerabilities in the popular CI/CD platform JetBrains TeamCity. The vulnerabilities are authentication bypasses which can allow an unauthorised user to perform administrative actions, posing a significant threat to a platform widely used for automating software builds, testing and deployment.

Examination of the Vulnerability

Analysis of the Vulnerabilities

A closer examination of CVE-2024-27198, with a CVSS rating of 9.

NIST

A look at the NIST Cybersecurity Framework 2.0

On 26th February 2024, NIST released a major update to its Cybersecurity Framework (CSF), which over the past decade has been widely adopted by organisations to help them manage and mitigate cyber risks. The updates to the CSF (v2.0) are the result of years of discussions and public feedback, aimed at enhancing the framework’s usability and applicability across various sectors, not just critical infrastructure. In this article, we will look at some of the big changes that have been incorporated into version 2.

Crisis Management

Conducting Crisis Management Exercises Effectively

A crisis management exercise is a structured and simulated activity designed to test and enhance an organisation’s ability to respond effectively to crises or emergencies. These activities should not be typical check-the-box exercises, but rather a technique to prepare everyone for the worst by developing a resilient and prepared team. These exercises can help businesses transform hypothetical events into concrete strategies, allowing them to deal with incidents or crises confidently and successfully.

Critical Vulnerability

Critical ConnectWise ScreenConnect RCE Vulnerability Exposed

In a significant development that is rippling through the cybersecurity community, a critical vulnerability has been identified in ConnectWise’s ScreenConnect software (specifically versions 23.9.7 and earlier). This software is a cornerstone for many Managed Service Providers (MSPs) allowing them to administer customer endpoints worldwide. It has been assigned the highest severity rating of CVSS 10, meaning that this vulnerability poses a direct threat to the security of tens of millions of endpoints, necessitating immediate and decisive action.

Ransomware

Cybersecurity Incident Strikes Aviation Industry

The aviation sector has once again found itself in the crosshairs of cybercriminal activity, with Willis Lease Finance Corporation, a stalwart in jet engine leasing, disclosing a significant cybersecurity breach. This incident marks a concerning development in the landscape of digital security within the aviation industry, shedding light on the vulnerabilities and the sophisticated nature of cyber threats faced by corporations today.

Summary of What Has Happened

Willis Lease Finance Corporation reported unauthorised activity on its systems to the US Securities and Exchange Commission (SEC), discovered on January 31.

Tips

Top 5 Cybersecurity Tips for Black Friday and Cyber Monday

Black Friday and Cyber Monday traditionally mark the beginning of the Christmas shopping season. They are also a key time of year where you can scour the internet searching for discounts on your favourite brands. The increase in online shoppers makes it a prime opportunity for malicious actors such as scammers, phishers and identity thieves to take advantage of the flurry of online shoppers for their own malicious activities. At this time of year, it is paramount to do everything you can to protect your sensitive information and data from malicious criminals.

Threat Actors

New Threat Actor "AeroBlade" Targets Aerospace Sector

The emergence of AeroBlade, a new and sophisticated cyber threat actor, has raised significant concerns within the U.S. aerospace sector. This group, identified by the BlackBerry Threat Research and Intelligence team, has launched targeted cyber espionage attacks, showcasing their evolving tactics and techniques.

Summary of Events

AeroBlade’s operations began with a testing phase in September 2022, using spear-phishing emails with weaponised documents to penetrate corporate networks. These attacks escalated in complexity by July 2023, with the deployment of advanced reverse-shell payloads for data theft and reconnaissance.

Data Breach

Navigating the Aftermath of the Okta Data Breach

In the rapidly evolving landscape of cybersecurity, even leading companies are not immune to data breaches. A recent incident involving Okta, a prominent identity and access management company, highlights this reality. This blog post aims to provide a comprehensive overview of the Okta data breach that occurred in October 2023, detailing the events, the impact on users, and crucial steps for those affected to mitigate risks.

Summary of What Has Happened

In October 2023, Okta disclosed a significant security breach in its customer support management system, commonly known as the Okta Help Center.

Business Continuity

The Path to Operational Resilience: Key Considerations for Credit Unions

At a time when business disruptions and cybersecurity incidents are inevitable, operational resilience has become a prominent focus area for the Central Bank of Ireland (CBI). As a result, the CBI released Cross Industry Guidance on Operational Resilience in December 2021 and has given those in the financial services sector a maximum of two years to implement its guidance. By December 2023, all financial institutions will need to be able to demonstrate that their operational resilience strategies are aligned with the guidance.

Compliance

Secora Consulting achieves ISO 27001:2017 and ISO 9001:2015 certification

Secora Consulting is proud to announce that we have successfully achieved ISO 27001:2017 and ISO 9001:2015 certification, reaffirming our commitment to quality and security management in our operations.

What is ISO 27001?

ISO 27001 is an internationally recognised standard which sets out the requirements for establishing, implementing and maintaining an Information Security Management System (ISMS). The aim of this is to help businesses keep one of their most critical assets, their information, secure.

Compliance

ISO 27001 - 7 reasons why organisations are certifying to the standard

ISO 27001 (ISO/IEC 27001:2017) is an internationally recognised and widely adopted standard which outlines best practices and requirements for an organisation’s Information Security Management System (ISMS). The ISMS is designed to preserve the confidentiality, integrity and availability of information by applying a risk management process, with the aim of assisting organisations in keeping their information secure. In other words, the standard helps organisations protect their sensitive information, including customer information, financial data and intellectual property, from unauthorised access.

Testing

Going Mobile: The importance of Mobile Application Testing

Managing attack surfaces is no easy task - you can’t protect what you don’t know you have. Many businesses have their own stories of a pseudo-mythological Windows XP box that sits in the corner and makes everything run. But one of the areas that often escapes testing is our mobile apps. With more and more businesses bringing their services on the go, we take a look at why mobile application testing is important, and what Secora commonly identifies when testing.

Testing

External and Internal Testing: What's the Difference?

Securing your organisation using policies and technical controls is critical; however, unless these controls and policies are regularly tested, an organisation cannot determine or monitor their effectiveness. It seems as though every week there is a new cyber attack reported that may affect just one organisation or multiple organisations simultaneously.

The importance of penetration testing

Building strong security controls and processes is essential to building effective defences. By engaging in penetration testing, you can test and improve the controls and processes you already have in place to help build an effective and strong defence-in-depth cybersecurity posture.

Compliance

Increase Your Credit Union's Cybersecurity Posture With Secora Consulting

Secora Consulting are delighted to be exhibiting at this year’s CUMA Spring Conference and AGM 2023. The event, titled Change 2023, will run from the 29th to the 30th of March in the Galway Bay Hotel, Galway. We welcome you to visit our team at Stand 56 to learn more about our services and how we can help you align with the Central Bank’s IT security expectations. In advance of the conference, we have put together our most popular services used by Credit Unions throughout Ireland.

PCI DSS

The Importance of Penetration Testing for PCI Compliance

Back in 2020, Secora Consulting released a blog post titled “The Importance of Penetration Testing for PCI DSS Compliance”. Given the release of the new PCI DSS v4.0, we decided recently that this was a good opportunity to give that guidance a refresh, discuss what has changed, and provide guidance on some areas we often get queries about from our customers.

A summary of what is different in PCI DSS v4.