Cyber Defense Advisors

Year: 2024

  • by
  • April 26, 2024

10 Critical Endpoint Security Tips You Should Know

In today’s digital world, where connectivity is rules all, endpoints serve as the gateway to a business’s digital kingdom. And because of this, endpoints are one of hackers’ favorite targets. According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT teams […]

Cyber News
  • by
  • April 26, 2024

New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates

Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. “Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware,” Dutch security firm ThreatFabric said in an analysis published Thursday. The malware is said to be in active development, adding new commands […]

Cyber News
  • by
  • April 26, 2024

Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack

Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. It has been addressed in multiple versions of PAN-OS 10.2.x, 11.0.x, and […]

Cyber News
  • by
  • April 26, 2024

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

Threat actors are attempting to actively exploit a critical security flaw in the ValvePress Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.92.0. The issue has been resolved […]

Cyber News
  • by
  • April 25, 2024

“Junk gun” ransomware: the cheap new threat to small businesses

What’s going on? A wave of cheap, crude, amateurish ransomware has been spotted on the dark web – and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. What’s “junk gun” ransomware? It’s a name coined by Sophos researchers for unsophisticated ransomware that […]

Cyber News
  • by
  • April 25, 2024

North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT as part of attacks targeting specific individuals in the Asia region in summer 2023. The malware could, “aside from standard RAT functionality, change the last write timestamp of a selected […]

Cyber News

The Illusion of 100% Cyber Security Protection

The Illusion of 100% Cyber Security Protection Finding the Smart Balance in Your Digital Defense Investments The dream of perfect cybersecurity is just that—a dream, revealing a hard truth in our digital world.  In the thick of what feels like an endless cyber war, aiming for 100% cybersecurity is like chasing after a mirage. Regardless […]

Cyber Thoughts
  • by
  • April 25, 2024

Hacker posts fake news story about Ukrainians trying to kill Slovak President

Graham CLULEY April 25, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial Czech news agency ČTK announced on Tuesday that a hacker had managed to break into its systems and published fake news reports of a plot to murder the president of a neighbouring country. One of the false stories […]

Cyber News
  • by
  • April 25, 2024

Network Threats: A Step-by-Step Attack Demonstration

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities. Instead, […]

Cyber News