Cyber Defense Advisors

Month: February 2024

Home / News / 2024 / February / Page 12
  • by
  • February 17, 2024

How Businesses Can Safeguard Their Communication Channels Against Hackers

Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction. However, business communication channels are also a major target for cybercriminals. In recent years, especially since […]

Cyber News
Google Open Sources Magika: AI-Powered File Identification Tool
  • by
  • February 17, 2024

Google Open Sources Magika: AI-Powered File Identification Tool

Google has announced that it’s open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types. “Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to 95% higher precision on traditionally hard to identify, but potentially problematic content such as […]

Cyber News
  • by
  • February 16, 2024

Friday Squid Blogging: Vegan Squid-Ink Pasta

It uses black beans for color and seaweed for flavor. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Tags: squid Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
  • by
  • February 16, 2024

CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it’s being likely exploited in Akira ransomware attacks. The vulnerability in question is CVE-2020-3259 (CVSS score: 7.5), a […]

Cyber News
RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers
  • by
  • February 16, 2024

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It’s […]

Cyber News
Why We Must Democratize Cybersecurity
  • by
  • February 16, 2024

Why We Must Democratize Cybersecurity

With breaches making the headlines on an almost weekly basis, the cybersecurity challenges we face are becoming visible not only to large enterprises, who have built security capabilities over the years, but also to small to medium businesses and the broader public. While this is creating greater awareness among smaller businesses of the need to […]

Cyber News
Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks
  • by
  • February 16, 2024

Malicious ‘SNS Sender’ Script Abuses AWS for Bulk Smishing Attacks

A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS). The SMS phishing messages are designed to propagate malicious links that are designed to capture victims’ personally identifiable information (PII) and payment card […]

Cyber News
U.S. State Government Network Breached via Former Employee's Account
  • by
  • February 16, 2024

U.S. State Government Network Breached via Former Employee’s Account

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee. “This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point,” the agency said in a joint advisory published Thursday […]

Cyber News
U.S. Government Disrupts Russia-Linked Botnet Engaged in Cyber Espionage
  • by
  • February 16, 2024

U.S. Government Disrupts Russia-Linked Botnet Engaged in Cyber Espionage

The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities. “These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence interest to the […]

Cyber News