Cyber Defense Advisors

Year: 2023

  • November 22, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing and […]

Cyber News

SEC Declares Open Season On CISOs

Cyber Lapses Could Now Put Their Heads on the Legal Chopping Block. This Thanksgiving, while tables across America are set for a traditional feast, CISOs find themselves on a less savory menu – dodging the carving knives of the SEC’s latest crackdown. The U.S. Securities and Exchange Commission (SEC) […]

Cyber Thoughts

Simplify Your ERP/WMS Redeployment

A common challenge many organizations face is the redeployment of their Enterprise Resource Planning (ERP) and Warehouse Management Systems (WMS). The primary goal of redeployment is to maximize system efficiency and capitalize on the latest functionalities that new versions or systems offer. Whether you’re embarking on an upgrade or migrating to […]

ERP/WMS Redeployment

How SOC 2 Compliance Can Help Keep Your Company Secure

The business landscape is replete with stories of data breaches, cyber-attacks, and massive information leaks. While technology has been an enabler for business growth, it’s also paved the way for cyber threats. The responsibility to safeguard data—especially sensitive information about clients or customers—has never been […]

SOC 2 Compliance
  • November 21, 2023

Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals

The ransomware strain known as Play is now being offered to other threat actors “as a service,” new evidence unearthed by Adlumin has revealed. “The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks […]

Cyber News
  • November 21, 2023

Email Security Flaw Found in the Wild

Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world. TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. Most of this activity occurred after the initial fix became public on GitHub. To […]

Cyber News
  • November 21, 2023

New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. “ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP […]

Cyber News
  • November 21, 2023

How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography

Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them. Quishing Quishing, a phishing […]

Cyber News
  • November 21, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. “Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host’s resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a […]

Cyber News