Cyber Defense Advisors

Month: January 2024

  • by
  • January 5, 2024

SpectralBlur: New macOS Backdoor Threat from North Korean Hackers

Cybersecurity researchers have discovered a new Apple macOS backdoor called SpectralBlur that overlaps with a known malware family that has been attributed to North Korean threat actors. “SpectralBlur is a moderately capable backdoor that can upload/download files, run a shell, update its configuration, delete files, hibernate, or sleep, based on commands issued from the [command-and-control] […]

Cyber News
  • by
  • January 5, 2024

Improving Shor’s Algorithm

We don’t have a useful quantum computer yet, but we do have quantum algorithms. Shor’s algorithm has the potential to factor large numbers faster than otherwise possible, which—if the run times are actually feasible—could break both the RSA and Diffie-Hellman public-key algorithms. Now, computer scientist Oded Regev has a significant speed-up to Shor’s algorithm, at […]

Cyber News
  • by
  • January 5, 2024

Exposed Secrets are Everywhere. Here’s How to Tackle Them

Picture this: you stumble upon a concealed secret within your company’s source code. Instantly, a wave of panic hits as you grasp the possible consequences. This one hidden secret has the power to pave the way for unauthorized entry, data breaches, and a damaged reputation. Understanding the secret is just the beginning; swift and resolute […]

Cyber News
  • by
  • January 5, 2024

Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware

Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack the border gateway protocol (BGP) traffic. “The Orange account in the IP network coordination center (RIPE) has suffered improper access that has affected the browsing […]

Cyber News
  • by
  • January 5, 2024

Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution

Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on susceptible servers. Tracked as CVE-2023-39336, the vulnerability has been rated 9.6 out of 10 on the CVSS scoring system. The shortcoming impacts EPM 2021 and EPM 2022 […]

Cyber News
  • by
  • January 5, 2024

Russian Hackers Had Covert Access to Ukraine’s Telecom Giant for Months

Ukrainian cybersecurity authorities have disclosed that the Russian state-sponsored threat actor known as Sandworm was inside telecom operator Kyivstar’s systems at least since May 2023. The development was first reported by Reuters. The incident, described as a “powerful hacker attack,” first came to light last month, knocking out access to mobile and internet services for […]

Cyber News
  • by
  • January 5, 2024

New Bandook RAT Variant Resurfaces, Targeting Windows Machines

A new variant of a remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in October 2023, said the malware is distributed via a PDF file that embeds a link […]

Cyber News
  • by
  • January 4, 2024

Cybersecurity firm Mandiant has its Twitter account hacked to promote cryptocurrency scam

Google-owned cybersecurity company Mandiant has found itself in the awkward position of having to wrestle back control of its Twitter account, after it was hijacked by scammers yesterday. The official Mandiant account, which is followed by over 100,000 people, was seized by scammers promoting links to a phony website which claimed to offer free $PHNTM […]

Cyber News
  • by
  • January 4, 2024

Cryptocurrency wallet CEO loses $125,000 in wallet-draining scam

Anyone can get scammed. If you think you’re somehow immune to being scammed, then, in my opinion, you’re a prime target for being scammed. No one is too big, too clever, too security-savvy to avoid being duped because it’s only human to make a mistake and screw up. And that certainly seems to be the […]

Cyber News