Cyber Defense Advisors

Year: 2024

The Intensifying “Salt Typhoon” Hacks: Is Your Data Safe?

The Intensifying “Salt Typhoon” Hacks: Is Your Data Safe? A Massive Telecom Espionage Campaign Is Unfolding—Here’s What You Need to Know A sweeping cyberattack has infiltrated U.S. telecom networks, and the fallout could affect millions. What Happened? “Salt Typhoon” is the codename for a suspected espionage operation allegedly linked to China, according to U.S. officials. […]

Cyber Thoughts
  • by
  • December 4, 2024

Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities

The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022. The activity, first observed in December 2022, is the latest instance of the nation-state adversary “embedding […]

Cyber News
  • by
  • December 4, 2024

Ransomware-hit vodka maker Stoli files for bankruptcy in the United States

Sales: 0845 470 4001 | Support: 0845 230 6001 | Contact Form | NPS Cyber Security Business Continuity Ransomware Disaster Recovery Data Protection 1977 Hits Stoli Group USA, the US subsidiary of vodka maker Stoli, has filed for bankruptcy – and a ransomware attack is at least partly to blame. The American branch of Stoli, […]

Cyber News
  • by
  • December 4, 2024

U.S. Offered $10M for Hacker Just Arrested by Russia

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government […]

Cyber News
  • by
  • December 4, 2024

Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown

Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that’s created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes in the aftermath of an investigation that was launched in 2021 after the messaging service was discovered on the phone […]

Cyber News
  • by
  • December 4, 2024

AI and the 2024 Elections

It’s been the biggest year for elections in human history: 2024 is a “super-cycle” year in which 3.7 billion eligible voters in 72 countries had the chance to go the polls. These are also the first AI elections, where many feared that deepfakes and artificial intelligence-generated misinformation would overwhelm the democratic processes. As 2024 draws […]

Cyber News
  • by
  • December 4, 2024

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud’s flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and poor access […]

Cyber News
  • by
  • December 4, 2024

Tech support scams leverage Google ads again and again, fleecing unsuspecting internet users

It’s not a new technique, but that doesn’t mean that cybercriminals cannot make rich rewards from SEO poisoning.  SEO poisoning is the dark art of manipulating search engines to ensure that malware-laced adverts and dangerous websites appear high on users’ results – often impersonating legitimate businesses and organisations.  But the simplest way of all to […]

Cyber News
  • by
  • December 4, 2024

How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges

Many organizations struggle with password policies that look strong on paper but fail in practice because they’re too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post passwords on sticky notes under keyboards, monitors, or desk drawers. Others set rules so loose […]

Cyber News