Cyber Defense Advisors

Month: February 2024

  • February 8, 2024

Unified Identity – look for the meaning behind the hype!

If you’ve listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits! However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made […]

Cyber News
  • February 8, 2024

HijackLoader Evolves: Researchers Decode the Latest Evasion Methods

The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. “The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process […]

Cyber News
  • February 8, 2024

Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. “This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud […]

Cyber News
  • February 8, 2024

Tooth be told: Toothbrush DDoS attack claim was lost in translation, claims Fortinet

After hundreds of media outlets worldwide repeated the false claim that a botnet of three million toothbrushes attacked a Swiss company, the cybersecurity firm at the centre of the story has now issued a statement. 

Cyber News
  • February 8, 2024

Kimsuky’s New Golang Stealer ‘Troll’ and ‘GoBear’ Backdoor Target South Korea

The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals “SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures” from infected systems, South Korean cybersecurity company S2W said in a new technical report. Troll Stealer’s links to Kimsuky stem […]

Cyber News
  • February 8, 2024

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow […]

Cyber News
  • February 8, 2024

Smashing Security podcast #358: Hong Kong hijinks, pig butchers, and poor ransomware gangs

Is this the real life? Is this just fantasy? A company in Hong Kong suffers a sophisticated deepfake duping, be on your guard from pig butchers as Valentine’s Day approaches, and spare a moment to feel sorry for poor ransomware gangs. All this and much much more is discussed in the latest edition of the […]

Cyber News
  • February 7, 2024

The toothbrush DDoS attack: How misinformation spreads in the cybersecurity world

No, three million smart toothbrushes didn’t launch a DDoS attack against a Swiss company. 

Cyber News
  • February 7, 2024

From Cybercrime Saul Goodman to the Russian GRU

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time […]

Cyber News