Cyber Defense Advisors

Month: March 2024

  • by
  • March 13, 2024

PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today. “Thanks […]

Cyber News
  • by
  • March 13, 2024

Burglars Using Wi-Fi Jammers to Disable Security Cameras

The arms race continues, as burglars are learning how to use jammers to disable Wi-Fi security cameras. Tags: Internet of Things, jamming, theft, Wi-Fi Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News
  • by
  • March 13, 2024

Join Our Webinar on Protecting Human and Non-Human Identities in SaaS Platforms

Identities are the latest sweet spot for cybercriminals, now heavily targeting SaaS applications that are especially vulnerable in this attack vector. The use of SaaS applications involves a wide range of identities, including human and non-human, such as service accounts, API keys, and OAuth authorizations. Consequently, any identity in a SaaS app can create an […]

Cyber News
  • by
  • March 13, 2024

Researchers Highlight Google’s Gemini AI Susceptibility to LLM Threats

Google’s Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Google Workspace as well as companies using the LLM API. The first […]

Cyber News
  • by
  • March 13, 2024

Hackers target Roku: 15,000 accounts compromised in data breach

Graham CLULEY March 13, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial Streaming company Roku has revealed that over 15,000 customers’ accounts were hacked using stolen login credentials from unrelated data breaches. In data breach notices to the Attorneys General for Maine and California, Roku said hackers accessed the accounts […]

Cyber News
  • by
  • March 13, 2024

Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub

A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,” Fortinet FortiGuard Labs researcher Yurren Wan said. […]

Cyber News
  • by
  • March 13, 2024

Incognito Market: The not-so-secure dark web drug marketplace

Well, here’s a shocker. Incognito Market, a darknet platform connecting sellers of narcotics to potential buyers, has turned out to be not entirely trustworthy. Drug vendors and buyers alike are being extorted. They are being threatened that their supposedly secure (and in some cases supposedly deleted) private chats will be made public unless they give […]

Cyber News
  • by
  • March 13, 2024

Microsoft’s March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is rated Low in severity. None of the […]

Cyber News
  • by
  • March 12, 2024

Patch Tuesday, March 2024 Edition

Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple’s new macOS Sonoma addresses at least 68 security weaknesses, and its latest update for iOS fixes two zero-day flaws. Last week, Apple pushed out an […]

Cyber News