Cyber Defense Advisors

Year: 2022

Home / News / 2022 / Page 145
  • by
  • October 21, 2022

Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware

A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. “The attacker intends to utilize a victim’s resources as much as possible, not only to install RAR1Ransom for extortion, but also to spread GuardMiner to collect cryptocurrency,” Fortinet FortiGuard Labs researcher Cara […]

Cyber News, Cyber Threat Trends

Google Unveils Open Source Project to Improve Software Supply Chain Security

GUAC aims to bring together many different sources of software security metadata

Cyber News, Cyber Threat Trends

NCSC CEO Calls for International Standards on IoT Security

Lindy Cameron argues that smart cities are becoming an attractive target for threat actors, including nation states

Cyber News, Cyber Threat Trends

Thousands of Publicly Exposed API Tokens Could Threaten Software Integrity

JFrog scanned over eight million artifacts in the most common open-source software registries

Cyber News, Cyber Threat Trends

OldGremlin Ransomware Ups Ante Against Russian Targets

Ransom demands soar to $17m, according to new report

Cyber News, Cyber Threat Trends

Cyber-Enabled Crimes Are Biggest Police Concerns

Interpol study warns that many threats are expected to increase

Cyber News, Cyber Threat Trends

Do the recent DDoS attacks signal future web application risks?

Multiple reports in the media, including in Bloomberg US Edition, allege that Russian-associated cybercrime group Killnet is responsible for a series of distributed-denial-of-service (DDoS) attacks during the week of October 6 that took several state government and other websites offline. While most of the websites were restored within 48 hours, these volumetric attacks can leave […]

Cyber News, Cyber Threat Trends
  • by
  • October 21, 2022

Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies’ Data Leak

Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication. “This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective

Cyber News, Cyber Threat Trends
  • by
  • October 21, 2022

A Quick Look at the “Strengthening America’s Cybersecurity” Initiative

Acknowledging that you have a problem is the first step to addressing the problem in a serious way. This seems to be the reasoning for the White House recently announcing its “Strengthening America’s Cybersecurity” initiative. The text of the announcement contains several statements that anyone who’s ever read about cybersecurity will have heard many times […]

Cyber News, Cyber Threat Trends