Cyber Defense Advisors

Month: March 2024

  • by
  • March 6, 2024

Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers

Graham CLULEY March 06, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial Ukraine claims to have successfully hacked Russian military servers and gained access to highly sensitive information. According to an official statement from the Defence Intelligence of Ukraine, the hack has allowed Ukraine to gain possession of “the information […]

Cyber News
  • by
  • March 6, 2024

Exit Scam: BlackCat Ransomware Group Vanishes After $22 Million Payout

The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. “ALPHV/BlackCat did not get seized. They are exit scamming their affiliates,” security researcher Fabian Wosar said. “It is blatantly obvious when you check the source code of the […]

Cyber News
  • by
  • March 6, 2024

Surveillance through Push Notifications

The Washington Post is reporting on the FBI’s increasing use of push notification data—”push tokens”—to identify people. The police can request this data from companies like Apple and Google without a warrant. The investigative technique goes back years. Court orders that were issued in 2019 to Apple and Google demanded that the companies hand over […]

Cyber News
  • by
  • March 6, 2024

Whoops! ACEMAGIC ships mini PCs with free bonus pre-installed malware

Chinese mini PC manufacturer ACEMAGIC (do I really have to write that in capitals? I hate it when companies name themselves like that…) has made life a bit more interesting for its customers, by admitting that it has also been throwing in free malware with its products. Yup, the PC maker has ‘fessed up to […]

Cyber News
  • by
  • March 6, 2024

A New Way To Manage Your Web Exposure: The Reflectiz Product Explained

An in-depth look into a proactive website security solution that continuously detects, prioritizes, and validates web threats, helping to mitigate security, privacy, and compliance risks. Reflectiz shields websites from client-side attacks, supply chain risks, data breaches, privacy violations, and compliance issues. You Can’t Protect What You Can’t See Today’s websites are connected to dozens of […]

Cyber News
  • by
  • March 6, 2024

How to Find and Fix Risky Sharing in Google Drive

Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn’t anyone’s fault; it’s inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally. For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies […]

Cyber News
  • by
  • March 6, 2024

U.S. Cracks Down on Predatory Spyware Firm for Targeting Officials and Journalists

The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in “developing, operating, and distributing” commercial spyware designed to target government officials, journalists, and policy experts in the country. “The proliferation of commercial spyware poses distinct and growing security risks […]

Cyber News
  • by
  • March 6, 2024

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB controller. They carry a CVSS score of 9.3 for Workstation and Fusion, and 8.4 […]

Cyber News
  • by
  • March 6, 2024

Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries

The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries,” Cisco Talos researcher Chetan Raghuprasad said in a report shared with The Hacker News. “GhostLocker and Stormous ransomware […]

Cyber News