Cyber Defense Advisors

Month: December 2023

  • by
  • December 19, 2023

Are We Ready to Give Up on Security Awareness Training?

Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace. Besides, social engineering […]

Cyber News
  • by
  • December 19, 2023

Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa

The Iranian nation-state actor known as MuddyWater has leveraged a newly discovered command-and-control (C2) framework called MuddyC2Go in its attacks on the telecommunications sector in Egypt, Sudan, and Tanzania. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under the name Seedworm, which is also tracked under the monikers Boggy Serpens, Cobalt […]

Cyber News
  • by
  • December 19, 2023

New Malvertising Campaign Distributing PikaBot Disguised as Popular Software

The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. “PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577,” Malwarebytes’ Jérôme Segura said. The malware […]

Cyber News

Enhancing Company Security through Enterprise Application Development

Enhancing Company Security through Enterprise Application Development In an era marked by relentless digital transformation and the ever-increasing reliance on technology, ensuring the security of a company’s data and operations is paramount. Cyber threats, data breaches, and information theft have become everyday headlines, emphasizing the importance of robust security measures. One powerful tool in the […]

Enterprise Application Development

The vCTO Evolution: Adapting to Global Tech Disruptions

The vCTO Evolution: Adapting to Global Tech Disruptions In a world where technology evolves at a breakneck pace, businesses must constantly adapt to stay relevant. The role of the virtual Chief Technology Officer (vCTO) is no exception to this rule. As global tech disruptions reshape industries, the vCTO has emerged as a crucial player in […]

Virtual Chief Technology Officer (vCTO)

The Vanguard of Cybersecurity: How vCISOs Are Shaping the Future of Digital Defense

The Vanguard of Cybersecurity: How vCISOs Are Shaping the Future of Digital Defense In the relentless battleground of cyberspace, where data breaches and cyberattacks are on the rise, the role of a Virtual Chief Information Security Officer (vCISO) has emerged as a pivotal force. These unsung heroes are quietly but decisively shaping the future of […]

Virtual Chief Information Security Officer (vCISO)
  • by
  • December 19, 2023

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. “This vulnerability allows remote authenticated attackers to […]

Cyber News
  • by
  • December 19, 2023

Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. “Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations […]

Cyber News

The Digital Battleground: Unraveling the Nuances of Cyber Security Risk Assessments

The Digital Battleground: Unraveling the Nuances of Cyber Security Risk Assessments In an increasingly interconnected world, where businesses and individuals rely on digital technologies for nearly every aspect of their lives, the importance of cybersecurity cannot be overstated. The rise of cyber threats has turned the digital landscape into a battleground, with malicious actors constantly […]

High-Level Risk Assessment