Featured Story
Preparing for DORA Amid Technical Controls Ambiguity
January 2025 marks the enforcement of the Digital Operational Resilience Act (DORA), a major step for the financial sector across Europe. The act mandates operational resilience and risk management measures for banks, insurers, and investment firms, with penalties of up to 2% of annual global revenue for non-compliance.
DORA’s technical control requirements remain somewhat ambiguous, making early planning critical. Article 3(1) emphasizes strengthening operational integrity and reliability within financial institutions, highlighting IT infrastructure and data protection.
With DORA enforcement around the corner, financial institutions must prepare early to ensure compliance. While the regulation aims to enhance resilience, the lack of clarity around specific technical measures presents challenges. Our SOC recommends proactive gap assessments and alignment with leading frameworks. Approach Cyber offers specialized guidance for DORA readiness.
Other Stories
Critical NAS-ty Flaw Strikes D-Link Storage Boxes
CVE-2024-10914 is a command injection vulnerability affecting older D-Link NAS devices, potentially allowing full remote takeover. The flaw stems from insecure CGI command handling and affects models that are end-of-life with no official patch planned.
Using unsupported storage devices creates critical exposure. Organizations should immediately decommission affected hardware or isolate it from the network. End-of-life infrastructure must be proactively replaced, not tolerated for convenience.
Sitting Ducks DNS Attacks Put Global Domains at Risk
Infoblox has reported over 1 million domains potentially exposed to DNS hijacking via “lame delegation” — where domains point to non-authoritative or abandoned name servers. This makes them vulnerable to being hijacked for phishing, malware, or redirection campaigns.
DNS is too often overlooked. Misconfigurations like lame delegation can lead to devastating breaches. Organizations should regularly audit DNS records and validate domain authority settings. €10/year domains need €10,000-level attention.
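One way to run the audit described above, as an added example that is not code from Infoblox or from this newsletter: send each delegated name server a non-recursive SOA query for the domain and flag any server that does not answer authoritatively. The function names and the result labels ("authoritative", "lame", "unreachable", "malformed") are assumptions made for this sketch, and the sample replies are constructed.

```python
import os
import socket
import struct

SOA, IN = 6, 1                                    # QTYPE SOA, QCLASS IN
AA_BIT, QR_BIT, RCODE_MASK = 0x0400, 0x8000, 0x000F

def build_soa_query(domain: str, txid: int) -> bytes:
    """Non-recursive SOA query (RD=0): the server may only answer from its own zone data."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in domain.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", SOA, IN)

def classify_response(data: bytes, txid: int) -> str:
    """Classify one name server's reply to the SOA query from its DNS header."""
    if len(data) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & QR_BIT:         # wrong transaction ID or not a response
        return "malformed"
    rcode = flags & RCODE_MASK
    if rcode == 0 and flags & AA_BIT and ancount > 0:
        return "authoritative"
    # REFUSED/SERVFAIL, or a reply without the AA bit: the server does not hold the zone
    return "lame"

def check_nameserver(ns_ip: str, domain: str, timeout: float = 3.0) -> str:
    """Query one delegated name server over UDP and classify what comes back."""
    txid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_soa_query(domain, txid), (ns_ip, 53))
            data, _ = s.recvfrom(512)
        except OSError:                           # timeout or network error
            return "unreachable"
    return classify_response(data, txid)

if __name__ == "__main__":
    # Constructed reply headers (not captured traffic): (flags, ANCOUNT)
    samples = {"AA answer": (0x8400, 1), "REFUSED": (0x8005, 0), "no AA": (0x8000, 1)}
    for label, (flags, an) in samples.items():
        reply = struct.pack("!HHHHHH", 0x1234, flags, 1, an, 0, 0)
        print(label, "->", classify_response(reply, 0x1234))
```

Run `check_nameserver` against every name server listed in the parent zone's delegation for each domain you own; any result other than "authoritative" means the delegation needs to be corrected at the registrar or the zone restored on that server.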
‘GoIssue’ Cybercrime Tool Targets GitHub Developers
A tool called GoIssue has been found on cybercrime forums, designed to steal GitHub developer credentials in bulk. It scrapes emails from public profiles and launches phishing campaigns — potentially enabling supply chain attacks or account takeovers.
Developer platforms are high-value targets. Even tech-savvy users need reinforced awareness and hardened authentication practices. We advise enabling MFA across development accounts and limiting access tokens to minimal scopes.
Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat
Palo Alto Networks issued an advisory regarding a possible RCE vulnerability in its PAN-OS management interface. While details remain unconfirmed, the vendor is urging all customers to restrict interface access to trusted internal IPs and follow best practices immediately.
Firewall management interfaces should never be exposed to the internet. Until further information is released, isolation and patching are key. Even suspected flaws like this merit serious action, given their potential impact on network-wide defenses.
Contact the Approach Cyber SOC team for tailored support and training programs.