Cyber Defense Advisors

Month: November 2023

  • November 17, 2023

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain. The 27 packages, which masqueraded as popular legitimate Python libraries, attracted thousands of downloads, […]

Cyber News
  • November 17, 2023

U.S. Cybersecurity Agencies Warn of Scattered Spider’s Gen Z Cybercrime Ecosystem

U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that’s known to employ sophisticated phishing tactics to infiltrate targets. “Scattered Spider threat actors typically engage in data theft for extortion using multiple social engineering techniques and have recently leveraged BlackCat/ALPHV ransomware alongside their usual TTPs,” the […]

Cyber News
  • November 17, 2023

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows –

  • CVE-2023-36584 (CVSS score: 5.4) – Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability
  • CVE-2023-1671 (CVSS score: 9.8) – Sophos […]

Cyber News

FTC’s Voice Cloning Challenge

The Federal Trade Commission is running a competition “to foster breakthrough ideas on preventing, monitoring, and evaluating malicious voice cloning.”

Cyber News, Cyber Threat Trends
  • November 17, 2023

Using Session Names to Log Who Deployed What in CloudTrail

ACM.388 Refactoring my test script that will ultimately be used in EC2 Instances to run deployment jobs

Cyber News, Cyber Threat Trends
  • November 17, 2023

Generic Changes to Migrate Scripts From My POC Code Base to the Container Code Base

ACM.389 A one time post of the kinds of changes I need to make to every script I migrate over

Cyber News, Cyber Threat Trends
  • November 17, 2023

‘CacheWarp’ AMD VM Bug Opens the Door to Privilege Escalation

Academics in Germany figured out how to reverse time in AMD virtualization environments, then reap the spoils.

Cyber News, Cyber Threat Trends
  • November 17, 2023

Palestine-aligned cyberespionage actor shifts infection chain tactics

Researchers warn that a cyberespionage actor that targets government entities in the Middle East and North Africa and is generally aligned with Palestinian interests has changed its infection chain tactics three times in recent months. The group is known for targeting a very small number of organizations in every campaign to deliver a custom malware […]

Cyber News, Cyber Threat Trends
  • November 17, 2023

Dangerous Apache ActiveMQ Exploit Allows Stealthy EDR Bypass

There’s no time to waste: For organizations on the fence about patching the critical bug in ActiveMQ, the new proof-of-concept exploit should push them towards action.

Cyber News, Cyber Threat Trends