Cyber Defense Advisors

Month: January 2024

  • January 19, 2024

35.5 million customers of major apparel brands have their data breached after ransomware attack

Bought some Timberland shoes? Wear a North Face jacket? You, and millions of purchasers of other popular high-street brands, could have had their data stolen by the ALPHV ransomware group. Read more in my article on the Hot for Security blog. 

Cyber News
  • January 19, 2024

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control of infected machines. “These applications are being hosted on Chinese pirating websites in order to gain victims,” Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. “Once detonated, the malware will download and execute multiple payloads […]

Cyber News
  • January 19, 2024

Speaking to the CIA’s Creative Writing Group

This is a fascinating story. Last spring, a friend of a friend visited my office and invited me to Langley to speak to Invisible Ink, the CIA’s creative writing group. I asked Vivian (not her real name) what she wanted me to talk about. She said that the topic of the talk was entirely up […]

Cyber News
  • January 19, 2024

Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators

In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It’s the lifeblood of any organization in today’s interconnected and digital world. Thus, safeguarding the data is of paramount importance. Its importance is magnified in on-premises Exchange Server environments where vital business communication and emails are stored and […]

Cyber News
  • January 19, 2024

Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package

A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named “oscompatible,” was published on January 9, 2024, attracting a total of 380 downloads before it was taken down. oscompatible included a “few strange binaries,” according to software supply chain security firm […]

Cyber News
  • January 19, 2024

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it’s being actively exploited in the wild. The vulnerability in question is CVE-2023-35082 (CVSS score: 9.8), an authentication bypass that’s a patch bypass […]

Cyber News

Balancing Penetration Testing & Exploitation Assessment in Financial Systems

The realm of financial systems is complex, encompassing a vast array of technologies, processes, and operations. With an ever-evolving digital landscape, the security of these systems has become paramount. In the financial sector, where billions of transactions occur daily, a slight security oversight can lead to […]

Penetration Testing and Exploitation Assessment

PCI DSS Compliance: Securing New Payment Gateways

Payment gateways are essential touchpoints in modern e-commerce, allowing swift and seamless transactions for millions of users worldwide. As digital purchasing continues to grow, so does the need for robust security measures. Enter the Payment Card Industry Data Security Standard (PCI DSS), the frontline defense against payment card […]

PCI DSS Compliance
  • January 18, 2024

New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic

Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. “This is the first documented case of malware deploying the 9Hits application as a payload,” cloud security firm Cado said, adding […]

Cyber News