Latest Stories

Stay up-to-date with everything at Approach

Blog article

Weekly Digest Week 10 – 2024

Publication date

08.03.2024

Featured Story

JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive

JetBrains Exploitation

Attacks targeting two security vulnerabilities in the TeamCity CI/CD platform have begun in earnest just days after its developer, JetBrains, disclosed the flaws on March 3.

One of the vulnerabilities (CVE-2024-27198) has a CVSS rating of 9.8 and allows remote unauthenticated attackers to execute arbitrary code and gain full control of affected instances. 30,000+ organizations rely on TeamCity for automated software deployment, increasing the impact. The flaws follow previous critical bugs exploited by Russia’s Midnight Blizzard group.

SOC Analysis:
JetBrains released a new version (2023.11.4) and a patch plugin to address the vulnerabilities. All users should update or apply the patch immediately.

If you require assistance with your vulnerability management, do not hesitate to contact our SOC.


Other Stories

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

VMware released patches for critical vulnerabilities that allow attackers to escape sandbox protections across ESXi, Workstation, and Fusion. Four flaws were disclosed, including two use-after-free bugs (CVE-2024-22252 and CVE-2024-22253) rated 9.3 in severity. Exploitation could allow code execution on host systems.

The vulnerabilities strike at the heart of VMware’s virtualization security model, threatening workloads thought to be isolated.

SOC Analysis:
We recommend all organizations install the latest available updates immediately.
Patch details: VMSA-2024-0006

If you require assistance with your vulnerability management, do not hesitate to contact our SOC.


Council of the EU and Parliament Agree on “Cyber Solidarity Package”

On March 6, the European Parliament and the Belgian Presidency reached a political agreement on the Cyber Solidarity Act and a related update to the Cyber Security Act. This legislative package aims to reinforce EU-wide cybersecurity coordination and response capacity for large-scale incidents.

The initiative supports cross-border collaboration and the development of trusted cybersecurity service providers within the EU.

SOC Analysis:
The “Cyber Solidarity Package” boosts Europe’s cybersecurity capacity. The move toward a “European SOC” is a promising step—our team is closely following implementation plans.

Don’t hesitate to contact us to benefit from the expertise of our awareness team.


Millions of Fake Text Messages Blocked by Belgian Telecom Operators

Telenet and Proximus have significantly reduced the flow of scam messages, blocking millions of smishing texts with the help of AI-based detection tools. Proximus alone intercepted 16 million fraudulent messages as part of the national “Stop Smishing” initiative.

The initiative is a joint effort from the CCB, BIPT, and Minister Petra De Sutter under Belgium’s recovery plan.

SOC Analysis:
The drop in smishing volume is a strong signal, but vigilance remains crucial.

Forward suspicious messages to:
verdacht@safeonweb.be
suspect@safeonweb.be
suspicious@safeonweb.be

Our SOC team is always ready to help evaluate suspicious messages.


Want to enhance your organization’s cyber awareness or compliance strategy? Contact the Approach Cyber SOC team for tailored support and training programs.

OTHER STORIES

Contact us to learn more about our services and solutions

Our team will help you start your journey towards cyber serenity

Do you prefer to send us an email?