Latest News Articles
--- TLP:CLEAR ---
News
− Russian Turla hackers hit Starlink-connected devices in Ukraine
Russian cyber-espionage group Turla, aka 'Secret Blizzard', is utilizing other threat actors' infrastructure to target Ukrainian military devices connected via Starlink.
https://www.microsoft.com/en-us/security/blog/2024/12/11/frequent-freeloader-part-ii-russian-actor-secret-blizzard-using-tools-of-other-groups-to-attack-ukraine/
− 27 DDoS Attack Services Taken Down by Law Enforcement
Law enforcement agencies in 15 countries cooperated in taking down 27 websites selling DDoS-for-hire services.
https://www.securityweek.com/27-ddos-attack-services-taken-down-by-law-enforcement/
− North Korea's fake IT worker scam hauled in at least $88M over six years
DoJ thinks it's found the folks that ran it, and some of the 'IT warriors' sent out to deceive employers.
https://www.justice.gov/opa/pr/fourteen-north-korean-nationals-indicted-carrying-out-multi-year-fraudulent-information
− Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes
The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of "quest games." Law enforcement officials said that it detained two FSB agent groups following a special operation in Kharkiv.
https://thehackernews.com/2024/12/ukrainian-minors-recruited-for-cyber.html
Vulnerabilities
− RomCom exploits Firefox and Windows zero days in the wild
ESET Research details the analysis of a previously unknown vulnerability in Mozilla products exploited in the wild and another previously unknown Microsoft Windows vulnerability, combined in a zero-click exploit.
https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
− CISA Warns of Exploited Adobe ColdFusion, Windows Vulnerabilities
CISA has warned organizations that two vulnerabilities affecting Adobe ColdFusion and Windows have been exploited in the wild.
https://www.securityweek.com/cisa-warns-of-exploited-adobe-coldfusion-windows-vulnerabilities/
− CVE-2024-12356 BeyondTrust Remote Support & Privileged Remote Access
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
https://www.ncsc.gov.ie/pdfs/2412180143_Crit_Vuln_in_BeyondTrust_RS_PRA.pdf
− CVE-2024-53677 Apache Struts
File upload logic is flawed in Apache Struts. Users are recommended to upgrade to version 6.4.0, which fixes the issue.
https://www.ncsc.gov.ie/pdfs/2412120142_Crit_vuln_Apache_Struts.pdf
− A critical vulnerability exists in Apache Software Foundation, Arrow R package
Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution.
https://www.ncsc.gov.ie/pdfs/2412120143_Crit_vuln_Apache_Arrow_R.pdf
Community News
− Advanced Research Workshop on Undersea Communications Cables and Crisis Management
The Department of Defence in Ireland and the Directorate for Defence of the Ministry for Foreign Affairs in Iceland jointly hosted an Advanced Research Workshop on Undersea Communications Cables and Crisis Management on 3-5 December.
https://www.gov.ie/en/press-release/22f17-advanced-research-workshop-on-undersea-communications-cables-and-crisis-management/
--- TLP:CLEAR ---