Cyber Defense Advisors

Month: October 2024

  • by
  • October 7, 2024

E.U. Court Limits Meta’s Use of Personal Facebook Data for Targeted Ads

Europe’s top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region. “An online social network such as Facebook […]

Cyber News
  • by
  • October 5, 2024

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability

Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of iPhones and iPads. […]

Cyber News
  • by
  • October 4, 2024

Friday Squid Blogging: Map of All Colossal Squid Sightings

Interesting map, from this paper. Blog moderation policy.  

Cyber News
  • by
  • October 4, 2024

U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown

Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. “The Russian government ran this scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into […]

Cyber News
  • by
  • October 4, 2024

How to Get Going with CTEM When You Don’t Know Where to Start

Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities – before they […]

Cyber News
  • by
  • October 4, 2024

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off “over one hundred hyper-volumetric L3/4 DDoS attacks throughout last month, with many exceeding 2 billion packets per second (Bpps) and 3 […]

Cyber News
  • by
  • October 4, 2024

WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks

A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions. The flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored cross-site scripting (XSS) vulnerability impacting all versions of the plugin up to and […]

Cyber News
  • by
  • October 4, 2024

Sellafield nuclear site hit with £332,500 fine after “significant cybersecurity shortfalls”

Graham CLULEY October 04, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial The UK’s Sellafield nuclear waste processing and storage site has been fined £332,500 by regulators after its IT systems were found to have been left vulnerable to hackers and unauthorised access for years. The Office for Nuclear Regulation […]

Cyber News
  • by
  • October 3, 2024

Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks

Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to a processor on the device that’s responsible for handling all connectivity, such as LTE, 4G, and 5G, with a mobile phone cell […]

Cyber News