Cyber Defense Advisors

Month: July 2024

  • by
  • July 8, 2024

New APT Group “CloudSorcerer” Targets Russian Government Entities

A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed out the […]

Cyber News
  • by
  • July 8, 2024

Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes. “Approximately 3,300 unique users were found with accounts on known CSAM sources,” Recorded Future said in a proof-of-concept […]

Cyber News
  • by
  • July 8, 2024

ChatGPT for Mac app flaw left users’ chat history exposed

Graham CLULEY July 08, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial Is it only a few weeks since OpenAI announced its new app for macOS computers? To much fanfare, the makers of ChatGPT revealed a desktop version that allowed Mac users to ask questions directly rather than via the […]

Cyber News
  • by
  • July 8, 2024

New Ransomware-as-a-Service ‘Eldorado’ Targets Windows and Linux Systems

An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems. Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said. The cybersecurity firm, which infiltrated the ransomware group, noted that its representative […]

Cyber News
  • by
  • July 8, 2024

5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy

Events like the recent massive CDK ransomware attack – which shuttered car dealerships across the U.S. in late June 2024 – barely raise public eyebrows anymore. Yet businesses, and the people that lead them, are justifiably jittery. Every CISO knows that cybersecurity is an increasingly hot topic for executives and board members alike. And when […]

Cyber News
  • by
  • July 8, 2024

Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries

Financial institutions in Latin America are being threatened by a banking trojan called Mekotio (aka Melcoz). That’s according to findings from Trend Micro, which said it recently observed a surge in cyber attacks distributing the Windows malware. Mekotio, known to be actively put to use since 2015, is known to target Latin American countries like […]

Cyber News
  • by
  • July 8, 2024

Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service

Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors. The vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below – CVE-2024-39930 (CVSS score: […]

Cyber News
  • by
  • July 8, 2024

Apple Removes VPN Apps from Russian App Store Amid Government Pressure

Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia’s state communications watchdog Roskomnadzor, Russian news media reported. This includes the mobile apps of 25 VPN service providers, including Hidemy.name VPN, Le VPN, NordVPN, PIA VPN, Planet VPN, Proton VPN, […]

Cyber News
  • by
  • July 5, 2024

Friday Squid Blogging: Newly Discovered Vampire Squid

A new vampire squid species was discovered in the South China Sea. Blog moderation policy.  

Cyber News