Cyber Defense Advisors

Year: 2023

Home / News / 2023 / Page 392
  • by
  • July 19, 2023

Why and how CISOs should work with lawyers to address regulatory burdens

With regulatory scrutiny increasing, some CISOs are partnering with their organization’s legal counsel, seeking expert input to guide their compliance and risk minimization efforts. Chiara Portner, cybersecurity attorney with Hopkins & Carley, says lawyers play a crucial role in advising on risks and finding ways to mitigate them. “With the increasing regulatory scrutiny and burden, […]

Cyber News, Cyber Threat Trends
  • by
  • July 19, 2023

Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway

Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway that it said is being actively exploited in the wild. Tracked as CVE-2023-3519 (CVSS score: 9.8), the issue relates to a case of code injection that could result in unauthenticated remote code execution. It impacts the following versions – NetScaler ADC and NetScaler Gateway […]

Cyber News, Cyber Threat Trends
  • by
  • July 19, 2023

Another Medium Post Not Showing up in Google Search Results

Another Medium SEO issue Continue reading on Bugs That Bite »

Cyber News, Cyber Threat Trends
  • by
  • July 19, 2023

Security Best Practices for GitHub Actions

ACM.256 Options for Hardening GitHub Actions According to GitHub Continue reading on Cloud Security »

Cyber News, Cyber Threat Trends
  • by
  • July 19, 2023

Pernicious Rootkits Pose Growing Blight On Threat Landscape

Attackers show renewed relentlessness in exploiting OS vulnerabilities that also circumvent defense and detection measures.

Cyber News, Cyber Threat Trends
  • by
  • July 19, 2023

Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering

Google’s fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it.

Cyber News, Cyber Threat Trends
  • by
  • July 19, 2023

GitHub Actions

ACM.255 Triggering an update to a website when code gets checked into GitHub — by you or attackers Continue reading on Cloud Security »

Cyber News, Cyber Threat Trends
  • by
  • July 19, 2023

Microsoft hit by Storm season – a tale of two semi-zero days

The first compromise didn’t get the crooks as far as they wanted, so they found a second one that did…

Cyber News, Cyber Threat Trends
  • by
  • July 19, 2023

Attackers can abuse Google Cloud Build to poison production environments

Researchers warn that a permission associated with the Google Cloud Build service in Google Cloud can be easily abused by attackers with access to a regular account to elevate their privileges and potentially poison container images used in production environments. Google Cloud Build is a CI/CD platform that allows organizations and developers to execute code […]

Cyber News, Cyber Threat Trends