📰 Need some reading to go with your (iced!) coffee this afternoon?

Covering a spread of topics, we've got you sorted 👇

ncsc.gov.ie/news/24-05-08/

🚨 Veeam has released a software update for Veeam Service Provider Console (VSPC) addressing a critical vulnerability (CVE-2024-29212) which could be exploited to achieve remote code execution. See the NCSC IE alert 👇
ncsc.gov.ie/pdfs/240509013…

🚨 An issue was discovered in Veritas NetBackup before 10.4. The Multi-threaded agent used in
NetBackup can be leveraged to perform arbitrary file deletion on protected files.

More info 👇

ncsc.gov.ie/pdfs/240501017…

🚨 Cisco has disclosed vulnerabilities impacting its ASA and FTD devices - these vulnerabilities enable malware implantation, command execution, and potential data exfiltration. See the NCSC IE alert for more info: ncsc.gov.ie/pdfs/240426015…

Ireland is taking part in a major international cyber defence training exercise this week. Operation 'Locked Shields' involves personnel having to deal with critical infrastructure coming under attack from hackers. Pictures: Paul Deighan RTÉ News rte.ie/news/ireland/2…

We were delighted to take part in NATO CCDCOE's #LockedShields2024 for the first time this year. This real-time network defence exercise is a unique opportunity to practise protection of national IT systems and critical infrastructure under the pressure of a severe cyber-attack

NCSC IE and Óglaigh na hÉireann taking part in simulated cyber defence exercise run by NATO CCDCOE
It's the first time Ireland has joined this 'Locked Shields' training event which tests cyber protection of critical infrastructure

🚨A server side template injection vulnerability exists in CrushFTP. Please see the NCSC IE alert here for more info: ncsc.gov.ie/pdfs/240424018…

🚨Every version of the PuTTY tools from 0.68 to 0.80 inclusive has a critical vulnerability in the code. The vulnerability can lead to supply chain attacks.

Further detail in our advisory :

ncsc.gov.ie/pdfs/240418012…

🚨 We've issued an update to our advisory on a critical OS command injection vulnerability in Palo Alto's GlobalProtect Feature.

More info 👇

ncsc.gov.ie/pdfs/240412013…

🚨 A Critical OS Command Injection Vulnerability exists in Palo Alto GlobalProtect Gateway (CVE-2024-3400). Please see the NCSC IE alert here: ncsc.gov.ie/pdfs/240412013…

The NCSC IE is seeking views from interested parties on what measures should be taken to boost Ireland’s cyber security sector as part of a Cyber Security Industrial Strategy.

📆 The closing date for submissions is Friday, 26 April 2024

Read more: gov.ie/en/consultatio…

🚨 Vulnerabilities (CVE-2024-21894, CVE-2024-
22052, CVE-2024-22053 and CVE-2024-22023) have been discovered in Ivanti Connect Secure (ICS), (formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways. See the NCSC IE alert here: ncsc.gov.ie/pdfs/240405014…

🚨 A critical vulnerability has been disclosed in XZ Utils - please review the NCSC IE alert for further information: ncsc.gov.ie/pdfs/240329013…

🇮🇪 supports statement by Peter Stano and expresses solidarity with 🇬🇧, condemns malicious cyber activities targeting democratic processes & calls on all states to exercise responsible behaviour in #cyberspace

CVE-2024-21762 is now being actively exploited. We have updated our advisory and advice affected organisations to review the Fortinet advisory and update as soon as possible. See the updated NCSC IE advisory here: ncsc.gov.ie/pdfs/240209_Fo…

Ireland is delighted to join the Joint Statement on Efforts to Counter the Proliferation & Misuse of Commercial Spyware. We are committed to tackling the threats posed by commercial spyware. Member country reps met in Seoul with 🇮🇪 represented by @SmythO
gov.ie/en/press-relea…

This year is a busy one for elections, not just in Ireland (local and EU), but across the EU.
We've worked hard with European colleagues to build an updated election security compendium, providing an overview of threats, and best practice.

Read more 👇

linkedin.com/feed/update/ur…

🚨We've published an advisory on critical security issues affecting JetBrains TeamCity On-Premises. JetBrains has released an update that addresses two vulnerabilities.

More info 👇

ncsc.gov.ie/pdfs/240305015…