Cyber Defense Advisors

Month: November 2024

Dream Job or Cyber Trap? The Rise of Fake Recruiter Scams on LinkedIn

Dream Job or Cyber Trap? The Rise of Fake Recruiter Scams on LinkedIn How Cybercriminals Are Exploiting Job Seekers and Threatening Corporate Security If a recruiter on LinkedIn offers you the role of a lifetime, think twice—it could be a well-disguised cyberattack. Cybercriminals have found their way into the world’s largest professional networks, using platforms […]

Cyber Thoughts
  • by
  • November 13, 2024

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt, Check Point said in an analysis. “The [Israel-Hamas] conflict has not […]

Cyber News
  • by
  • November 13, 2024

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims

Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker’s inner workings, allowing the researchers to discover a “specific window of opportunity for data recovery immediately after the removal of protectors from BitLocker-encrypted 

Cyber News
  • by
  • November 13, 2024

Mapping License Plate Scanners in the US

DeFlock is a crowd-sourced project to map license plate scanners. It only records the fixed scanners, of course. The mobile scanners on cars are not mapped.  

Cyber News
  • by
  • November 13, 2024

Comprehensive Guide to Building a Strong Browser Security Program

The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are facing new and serious cybersecurity threats. These include phishing attacks, data leakage, and malicious extensions. As a result, the browser also becomes a vulnerability […]

Cyber News
  • by
  • November 13, 2024

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution

A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. “Attackers successfully exploiting these vulnerabilities can access, control, and disrupt devices supported by OvrC; some of those include smart electrical power supplies, cameras, routers, home automation systems, and […]

Cyber News
  • by
  • November 13, 2024

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated […]

Cyber News
  • by
  • November 13, 2024

Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks

The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group’s playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. “The campaign distributed the SnailResin malware, which activates the SlugResin backdoor,” […]

Cyber News
  • by
  • November 12, 2024

Microsoft Patch Tuesday, November 2024 Edition

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. The zero-day flaw tracked as CVE-2024-49039 is […]

Cyber News