Cyber Defense Advisors

Month: October 2022

Glut of Fake LinkedIn Profiles Pits HR Against the Bots

A recent proliferation of phony executive profiles on LinkedIn is creating something of an identity crisis for the business networking site, and for companies that rely on it to hire and screen prospective employees. The fabricated LinkedIn identities — which pair AI-generated profile photos with text lifted from legitimate accounts — are creating major headaches […]

Cyber News

Relentless Russian Cyberattacks on Ukraine Raise Important Policy Questions

Microsoft cybersecurity executive John Hewie explained cyberwar developments and what they mean for Western democratic policy going forward.

Cyber News

North Korea’s Lazarus group uses vulnerable Dell driver to blind security solutions

The notorious North Korean state-sponsored hacker group Lazarus has begun exploiting a known vulnerability in an OEM driver developed by Dell to evade detection by security solutions. This is a prime example of why it’s important to always keep third-party PC manufacturer software, which is often neglected, up to date, as well as to add […]

Cyber News

Ikea Smart Light System Flaw Lets Attackers Turn Bulbs on Full Blast

With just one malformed Zigbee frame, attackers could take over certain Ikea smart lightbulbs, leaving users unable to turn the lights down.

Cyber News

October Is Cybersecurity Awareness Month

For the past nineteen years, October has been Cybersecurity Awareness Month here in the US, and that event that has always been part advice and part ridicule. I tend to fall on the apathy end of the spectrum; I don’t think I’ve ever mentioned it before. But the memes can be funny. Here’s a decent […]

Cyber News

CISA: Multiple APT Groups Infiltrate Defense Organization

Advanced attackers gained access to Microsoft Exchange services, conducted searches of email, and used an open source toolkit to collect data from the network for nearly a year.

Cyber News

NullMixer Dropper Delivers a Multimalware Code Bomb

In one shot, Trojan dropper NullMixer installs a suite of downloaders, banking Trojans, stealers, and spyware on victims’ systems.

Cyber News

Secure Your Application Layer, Secure Your Business

Users and malicious actors interact with your business through the application layer. Build trust in your software by securing this first line of defense.

Cyber News

Software supply chains at risk: The account takeover threat

This kind of attack is very difficult to detect and might lead to full compromise of systems, leading to cyberespionage or financial crime. The post Software supply chains at risk: The account takeover threat appeared first on TechRepublic.

Cyber News