Cyber Defense Advisors

Year: 2024

  • by
  • April 12, 2024

Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

Palo Alto Networks is warning that a critical flaw impacting PAN-OS software used in its GlobalProtect gateways is being actively exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. “A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS […]

Cyber News
  • by
  • April 12, 2024

Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker

Cybersecurity researchers have discovered a credit card skimmer that’s concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS or the “Miscellaneous Scripts” section of […]

Cyber News
  • by
  • April 12, 2024

U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt for signs of compromise and enact preventive measures following the recent compromise of Microsoft’s systems that led to the theft of email correspondence with the company. The attack, which came to light earlier this […]

Cyber News
  • by
  • April 11, 2024

Why CISA is Warning CISOs About a Breach at Sisense

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been […]

Cyber News
  • by
  • April 11, 2024

East Central University suffers BlackSuit ransomware attack

Graham CLULEY April 11, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial The East Central University (ECU) of Ada, Oklahoma, has revealed that a ransomware gang launched an attack against its systems that left some computers and servers encrypted and may have also seen sensitive information stolen. In an advisory […]

Cyber News
  • by
  • April 11, 2024

DragonForce ransomware – what you need to know

What’s going on? A relatively new strain of ransomware called DragonForce has making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways – locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with […]

Cyber News
  • by
  • April 11, 2024

When a breach goes from 25 documents to 1.3 terabytes…

Ouch. On 7 March 2024, the UK’s Leicester City Council had its systems disrupted by a devastating cyber attack, forcing it to shut down its IT systems and phone lines. Among those affected were care home workers and the homeless. Sign up to our free newsletter.Security news, advice, and tips. By the end of March, […]

Cyber News
  • by
  • April 11, 2024

Python’s PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular […]

Cyber News
  • by
  • April 11, 2024

TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer

A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. “This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors,” Proofpoint said. “Additionally, the actor appeared to use a […]

Cyber News