Cyber Defense Advisors

Month: October 2023

Home / News / 2023 / October / Page 123

Vulnerability Exposed in WordPress Plugin User Submitted Posts

With over 20,000 active installations, the plugin is used for user-generated content submissions

Cyber News, Cyber Threat Trends
  • by
  • October 12, 2023

Misleading IAM CloudFormation Error Message — Role Name Is Invalid

I was deploying some new roles and policies using my common code when I got this message: Continue reading on Bugs That Bite »

Cyber News, Cyber Threat Trends

Chinese APT ToddyCat Targets Asian Telecoms, Governments

A cyber espionage campaign tied to the Chinese group ToddyCat is targeting high-profile organizations in Kazakhstan, Uzbekistan, Pakistan, and Vietnam

Cyber News, Cyber Threat Trends
  • by
  • October 12, 2023

Malicious NuGet Package Targeting .NET Developers with SeroXen RAT

A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package called Pathoschild.Stardew.ModBuildConfig, software supply chain security firm Phylum said in a report today. While

Cyber News, Cyber Threat Trends
  • by
  • October 12, 2023

Protect Critical Infrastructure With Same Rigor as Classified Networks

Government security processes are often viewed as tedious and burdensome — but applying the lessons learned from them is imperative for private industry to counter a nation-state threat.

Cyber News, Cyber Threat Trends
  • by
  • October 12, 2023

Backdoor Lurks Behind WordPress Caching Plugin to Hijack Websites

Evasive malware disguised as a caching plugin allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.

Cyber News, Cyber Threat Trends

Chinese APT ToddyCat Targets Asian Telecoms, Governments

A cyber espionage campaign tied to the Chinese group ToddyCat is targeting high-profile organizations in Kazakhstan, Uzbekistan, Pakistan, and Vietnam

Cyber News, Cyber Threat Trends

Chinese APT ToddyCat Targets Asian Telecoms, Governments

A cyber espionage campaign tied to the Chinese group ToddyCat is targeting high-profile organizations in Kazakhstan, Uzbekistan, Pakistan, and Vietnam

Cyber News, Cyber Threat Trends
  • by
  • October 12, 2023

Uber’s Ex-CISO Appeals Conviction Over 2016 Data Breach

Joe Sullivan’s lawyers have claimed his conviction on two felony charges is based on tenuous theories and criminalizes the use of bug bounty programs.

Cyber News, Cyber Threat Trends