Cyber Defense Advisors

Month: October 2024

  • by
  • October 8, 2024

Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits

Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-43047 (CVSS score: 7.8), has been described as a user-after-free bug in the Digital Signal Processor (DSP) Service that could lead to […]

Cyber News
  • by
  • October 7, 2024

Your robot vacuum cleaner might be spying on you

Graham CLULEY October 07, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial When Sean Kelly bought a top-of-the-line vacuum cleaner, he imagined he was making a sensible purchase. Not only would his Ecovacs Deebot X2 help him keep the house he shares with his wife, twin toddlers and a five-month-old […]

Cyber News
  • by
  • October 7, 2024

New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries

Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that draws its inspiration from the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet “issued over 300,000 attack commands, with a shocking attack density” between September 4 and September 27, 2024. No less […]

Cyber News
  • by
  • October 7, 2024

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

Organizations are losing between $94 – $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events […]

Cyber News
  • by
  • October 7, 2024

Largest Recorded DDoS Attack is 3.8 Tbps

CLoudflare just blocked the current record DDoS attack: 3.8 terabits per second. (Lots of good information on the attack, and DDoS in general, at the link.) News article. Tags: denial of service Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News
  • by
  • October 7, 2024

Modernization of Authentication: Webinar on MFA, Passwords, and the Shift to Passwordless

The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Without these measures, organizations are at risk of experiencing data breaches, leaks, and significant financial losses. While traditional password-based systems offer protection, they […]

Cyber News
  • by
  • October 7, 2024

Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications

A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561 (CVSS score: 9.3), impacts all versions of the software prior to 1.11.4. “Schema parsing in the Java SDK of Apache […]

Cyber News
  • by
  • October 7, 2024

THN Cybersecurity Recap: Top Threats and Trends (Sep 30 – Oct 6)

Ever heard of a “pig butchering” scam? Or a DDoS attack so big it could melt your brain? This week’s cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it’s too late! ⚡ Threat of the Week Double Trouble: Evil Corp & […]

Cyber News
  • by
  • October 7, 2024

Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection

Google has announced that it’s piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection feature aims to keep users safe when they attempt to install malicious apps from sources other than the Google Play Store, such […]

Cyber News