Tag: Digital Trust Center

In collaboration with the police, the Digital Trust Center (DTC) warns about the risks of using generative artificial intelligence (AI) in the workplace. They also share tips on how both employees and employers can safely use AI. Human contact is the key here.

While AI tools such as text generators and image creation apps offer entrepreneurs significant (efficiency) benefits, there is also a dark side to these technologies. Cybercriminals can also use these tools for fraudulent practices .

Identity fraud, such as CEO fraud.
For example, AI can be used to clone a voice or to create realistic texts. Spreading disinformation.
Language model ChatGPT produces authentic-looking texts at scale and with great speed. Such a language model can help criminals for propaganda and disinformation purposes. Malware. ChatGPT is capable of producing codes in a number of different programming languages. For a potential criminal with little technical knowledge, this is an invaluable resource to produce malicious code (such as malware).

Manon den Dunnen, Strategic Digital Specialist at the police, emphasizes the importance of being vigilant when using AI yourself: “If you wouldn't put it on LinkedIn, you shouldn't put it on ChatGPT either. Because that system trains itself with the information you enter and before you know it, your information appears in texts generated for others. That's why companies like Samsung have banned their employees from using it.”

Tips for dealing with artificial intelligence and cybercriminals who use it:

It is best to have confidential conversations in person.
Never enter confidential data into ChatGPT or similar language models.
So no names of people either. Be aware that the systems are aimed at generating texts 'that resemble'. It is not a search engine, there is no database behind it, so do not use it if factuality is important. If you have any doubts about the identity of the person on the phone, you can suggest calling back.
Another option is to ask an experience question. For example: How was your conversation yesterday? Agreements can be made, for example, to only handle invoices if there is an opportunity to check the source.
Investigate which solutions you can implement in coordination with partners in the chain to determine the authenticity of the sender of invoices or other important communications.
Refer back to advice relevant to, for example, phishing or CEO fraud. These forms of cyber incidents remain basically the same, even if AI is used as a tool. Know what questions to ask when purchasing software. For example: How does this software use artificial intelligence, how is it trained, what happens to this data and what security issues are involved?

Secure digital business

As an entrepreneur or security manager, would you like to receive notifications of serious cyber threats to companies in your mailbox? Then join the DTC Community .
To support entrepreneurs, there is also a wide range of cybersecurity information and a toolbox with cyber tools . Want to test whether you already have the basics in order? Take the CyberSafe Check for self-employed persons and SMEs .

About the Digital Trust Center

information and a toolbox with cyber tools to support entrepreneurs . The DTC also works with various organizations to increase digital resilience in the entrepreneurial Netherlands.

Stay informed of NIS2 developments

Are you curious about what the new NIS2 guideline will mean for your company and/or your chain suppliers? Then subscribe to the NIS2 theme space within the DTC Community . There, cybersecurity experts, entrepreneurs and government share NIS2 information and you can talk to others about how to prepare for NIS2.

Your digital security is more important than ever. You already take the necessary cybersecurity measures for this. But is it enough? How do you know if you are doing the right thing in a rapidly changing environment? The Digital Trust Center (DTC) has built a safe online forum with the DTC Community where entrepreneurs can ask their cybersecurity questions, where experts help entrepreneurs on their way, where tips are exchanged and where you stay on top of current events.

Cyber ​​Alerts and current events

The DTC, part of the Ministry of Economic Affairs and Climate, shares relevant news and urgent cyber alerts with the cyber community. The members also share indispensable knowledge for entrepreneurs and cybersecurity managers. For example, if there are vulnerabilities in commonly used systems such as Citrix and Windows Exchange Servers , you will be immediately informed about this via a cyber alert so that you can quickly take action. This significantly reduces the risk of a cyber incident. In this way, the DTC Community jointly contributes to a safer business climate in the Netherlands.

More than 2,500 members at your fingertips

The online forum now has more than 2,500 members and new members are added every day. “The DTC Community is the cybersecurity forum of the Netherlands,” says Michel Verhagen, manager of the DTC. “IT professionals, CISOs and entrepreneurs can help each other, exchange knowledge and jointly make the Netherlands digitally resilient. We facilitate this knowledge sharing from the DTC with a safe and independent platform.”

If you don't work on cybersecurity on a daily basis, all the information you read or hear about this subject can sometimes be overwhelming. Where do you start and how do you see the forest through the trees? The DTC Community is for everyone who wants to get started with cybersecurity, from starters to professionals. You can ask questions to experts in this field, for example about cyber awareness within your company, dealing with ransomware or the experiences of others. There are also theme rooms, such as the NIS2 theme room, where members discuss specific topics with each other.

The DTC Community in figures

What the members say:

“As a CISO, I want to be informed of what is going on through reliable sources.”
“Receiving threat information allows me to quickly update our systems when necessary.”
“Through the DTC Community I expand my network, share current knowledge and learn from others.”

Are you an entrepreneur or (jointly) responsible for cybersecurity within your company? Then join the DTC Community .

Secure digital business

As an entrepreneur or security manager, would you like to receive reports of serious cyber threats to companies in your mailbox? Then join the DTC Community .
To support entrepreneurs, there is also a wide range of cyber security information and a toolbox with cyber tools . Want to test whether you already have the basics in order? Do the Basic Cyber ​​Resilience Scan or the CyberVeilig Check for SMEs and the self-employed .

Update – Active exploitation of vulnerabilities

Juniper Networks has indicated that they are aware of successful exploitation of the previously identified vulnerabilities in the Junos OS operating system on SRX firewalls and EX switches.

The advice remains to install security updates

Original message

August 31, 2023

Severe combination vulnerabilities in Juniper EX switches and SRX firewalls

Juniper Networks, the network equipment manufacturer, released security updates on August 17 for several vulnerabilities in the JuneOS operating system. This operating system is used in Juniper EX switches and SRX firewalls. The vulnerabilities ( CVE-2023-36844 , CVE-2023-36845 , CVE-2023-36846 and CVE-2023-36847 ) are not individually identified as critical, but in combination they can have serious consequences. A so-called ' Proof of concept ' (POC) has been published that demonstrates this. The National Cyber ​​Security Center (NCSC) has therefore scaled up the assessment of the vulnerabilities to ' High/High '. This means that there is a high chance that these vulnerabilities will be exploited and that the damage can be great.

What's the risk?

The vulnerabilities allow arbitrary code execution with administrator privileges on vulnerable Juniper EX switches or SRX firewalls without credentials. To do this, an attacker needs network access to the management interface (J-Web).

It is customary not to simply make management interfaces such as J-Web available to the (entire) Internet. If this is the case, the risk of abuse increases. The vulnerabilities can easily be exploited and the NCSC, among others, expects attacks on Juniper EX switches or SRX firewalls where the management interface is publicly accessible in the foreseeable future.

What can I do?

Juniper has released security updates The advice is to install it or have it installed as soon as possible.

In addition, we strongly recommend limiting access to administrative interfaces as much as possible. Make sure that these are not publicly accessible via the internet. Should remote access be necessary, allow it only through a VPN connection or restrict access to specific IP addresses.

Secure digital business

As an entrepreneur or security manager, would you like to receive notifications of serious cyber threats to companies in your mailbox? Then join the DTC Community .
To support entrepreneurs, there is also a wide range of cybersecurity information and a toolbox with cyber tools . Want to test whether you already have the basics in order? Take the CyberSafe Check for SMEs and self-employed persons .

A critical vulnerability has been discovered in Atlassian Confluence Datacenter and Server. The vulnerability ( CVE-2023-22518 ) is classified as critical by software manufacturer Atlassian with a CVSS score of 9.1. Security updates are available. Atlassian indicates that it has not yet observed any active abuse but calls on customers to take immediate action.

What's the risk?

The vulnerability is classified by Atlassian as an “Improper Authorization” vulnerability. Exploitation of the vulnerability can cause a “Denial of Service” (DoS), making a Confluence environment unavailable. In addition, arbitrary code can be executed on the system where Confluence is installed.

When a Confluence environment is available from the public internet, this increases the chance of vulnerabilities being exploited. Atlassian also indicates that publicly accessible Confluence environments are at high risk for this vulnerability.

All locally installed (“On Premise”) versions of Confluence Data Center and Server are vulnerable.
Atlassian Cloud Sites are not vulnerable. If your Confluence page is reachable via an atlassian.net domain, then the application is hosted by Atlassian and this vulnerability does not apply.

What can I do?

Atlassian has released software updates for Confluence Data Center and Server to address the vulnerability.
The advice is to have this installed as quickly as possible. A security update is available for the following versions: 7.19.16 and later
8.3.4 and later
8.4.4 and later
8.5.3 and later
8.6.1 and later

In addition, Atlassian recommends blocking access from the public internet until the updates have been installed.

The Digital Trust Center recommends that the measures recommended by Atlassian be implemented as quickly as possible. If necessary, ask your IT service provider to help you with this.

Secure digital business

As an entrepreneur or security manager, would you like to receive notifications of serious cyber threats to companies in your mailbox? Then join the DTC Community .
To support entrepreneurs, there is also a wide range of cybersecurity information and a toolbox with cyber tools . Want to test whether you already have the basics in order? Take the Basic Cyber ​​Resilience Scan .