Cyber Defense Advisors

Month: January 2024

  • by
  • January 25, 2024

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) group under the name Blackwood. It’s said to be active since at least 2018. The […]

Cyber News
  • by
  • January 25, 2024

New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits

A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads onto compromised hosts for follow-on exploitation. Arctic Wolf Labs, which discovered the new attack tool in two recent intrusions, said the loader’s icon and name masquerades as the legitimate CherryTree note-taking application to dupe potential victims 

Cyber News
  • by
  • January 25, 2024

Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise’s (HPE) cloud email environment to exfiltrate mailbox data. “The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” 

Cyber News
  • by
  • January 25, 2024

Smashing Security podcast #356: Big dumpers, AI defamation, and the slug that slurped

This week the podcast is more lavatorial than usual, as we explore how privacy may have gone to sh*t on Google Maps, our guest drives hands-free on Britain’s motorways (and is defamed by AI), and ransomware attacks an airplane-leasing firm. All this and much much more is discussed in the latest edition of the “Smashing […]

Cyber News

Why Small Businesses Need to Prioritize Threat Modeling in 2024

Why Small Businesses Need to Prioritize Threat Modeling in 2024 As cyber threats continue to rise, many small businesses still operate under the misconception that they’re too small to be on hackers’ radars. Unfortunately, the reality is quite different. Today, attackers are increasingly targeting small and medium-sized enterprises (SMEs), seeing them as easy targets with […]

Cyber Thoughts
  • by
  • January 24, 2024

SEC Twitter hack blamed on SIM swap attack

The US Securities & Exchange Comission (SEC) has confirmed that hackers managed to seize control of a phone number associated with its Twitter account, and used it to post an unauthorised message. Read more in my article on the Hot for Security blog. 

Cyber News
  • by
  • January 24, 2024

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a Kubernetes cluster. The critical shortcoming has been codenamed Sys:All by cloud security firm Orca. As many as 250,000 active GKE clusters in the wild are estimated to […]

Cyber News
  • by
  • January 24, 2024

Poisoning AI Models

New research into poisoning AI models: The researchers first trained the AI models using supervised learning and then used additional “safety training” methods, including more supervised learning, reinforcement learning, and adversarial training. After this, they checked if the AI still had hidden behaviors. They found that with specific prompts, the AI could still generate exploitable […]

Cyber News
  • by
  • January 24, 2024

What is Nudge Security and How Does it Work?

In today’s highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and SaaS technologies whenever and wherever they need. While this has been a critical boon to productivity and innovation in the digital enterprise, it has upended traditional approaches to IT security and governance. Nudge Security is […]

Cyber News