Cyber Defense Advisors

Month: March 2024

  • by
  • March 12, 2024

Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets

Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet. The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them […]

Cyber News
  • by
  • March 12, 2024

Jailbreaking LLMs with ASCII Art

Researchers have demonstrated that putting words in ASCII art can cause LLMs—GPT-3.5, GPT-4, Gemini, Claude, and Llama2—to ignore their safety instructions. Research paper. Tags: academic papers, artificial intelligence, chatbots, hacking, LLM Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News
  • by
  • March 12, 2024

CTEM 101 – Go Beyond Vulnerability Management with Continuous Threat Exposure Management

In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you’d want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security posture, in our opinion, you probably want to consider […]

Cyber News
  • by
  • March 12, 2024

Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites

A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code. According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks. “These attacks are orchestrated from domains less than a month old, with registrations dating back to February […]

Cyber News
  • by
  • March 12, 2024

South Korean Citizen Detained in Russia on Cyber Espionage Charges

Russia has detained a South Korean national for the first time on cyber espionage charges and transferred from Vladivostok to Moscow for further investigation. The development was first reported by Russian news agency TASS. “During the investigation of an espionage case, a South Korean citizen Baek Won-soon was identified and detained in Vladivostok, and put […]

Cyber News

Unlocking Federal Clouds: The Essential Blueprint for Achieving FedRAMP Sponsorship

Unlocking Federal Clouds: The Essential Blueprint for Achieving FedRAMP Sponsorship In today’s rapidly evolving digital government landscape, the quest for FedRAMP Sponsorship is akin to navigating a complex maze designed to protect the nation’s most sensitive data. Cloud Service Providers (CSPs) stand at the gates, eager to offer innovative solutions that can enhance federal agencies’ […]

FedRAMP Sponsorship Guidance

Securing Your Guide: How to Get a FedRAMP Sponsor – Essential Tips

Securing Your Guide: How to Get a FedRAMP Sponsor – Essential Tips In the vast landscape of cloud computing, where securing sensitive government data is paramount, navigating the Federal Risk and Authorization Management Program (FedRAMP) is a critical step for Cloud Service Providers (CSPs) looking to engage with federal agencies. One pivotal aspect of this […]

FedRAMP Sponsorship Guidance

Navigating FedRAMP Sponsorship: Expert Guidance for Seamless Compliance

Navigating FedRAMP Sponsorship: Expert Guidance for Seamless Compliance In the intricate web of cloud computing regulations, achieving FedRAMP (Federal Risk and Authorization Management Program) compliance is a cornerstone for Cloud Service Providers (CSPs) looking to serve the U.S. government. A critical step in this journey involves securing a FedRAMP Sponsorship—a federal agency willing to endorse […]

FedRAMP Sponsorship Guidance

FedRAMP Sponsorship: The Key to Unlocking Government Cloud Contracts

FedRAMP Sponsorship: The Key to Unlocking Government Cloud Contracts In the expanding universe of cloud computing, where data sovereignty and security are paramount, the Federal Risk and Authorization Management Program (FedRAMP) emerges as a cornerstone for Cloud Service Providers (CSPs) aiming to serve U.S. federal agencies. Among the various pathways to FedRAMP compliance, one of […]

FedRAMP Sponsorship Guidance