Cyber Defense Advisors

Year: 2024

  • by
  • December 3, 2024

Why Phishers Love New TLDs Like .shop, .top and .xyz

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees […]

Cyber News
  • by
  • December 3, 2024

Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA). The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA’s WebVPN login page that could allow an unauthenticated, remote attacker to conduct a cross-site scripting […]

Cyber News
  • by
  • December 3, 2024

Algorithms Are Coming for Democracy—but It’s Not All Bad

In 2025, AI is poised to change every aspect of democratic politics—but it won’t necessarily be for the worse. India’s prime minister, Narendra Modi, has used AI to translate his speeches for his multilingual electorate in real time, demonstrating how AI can help diverse democracies to be more inclusive. AI avatars were used by presidential […]

Cyber News
  • by
  • December 3, 2024

North Korean hackers masquerade as remote IT workers and venture capitalists to steal crypto and secrets

Graham CLULEY December 03, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial In this lust for stealing cryptocurrency and sensitive information, North Korean hackers are disguising themselves as remote IT workers, recruiters, and even venture capitalists. The increasingly sophisticated tactics being used by North Korea’s hackers was the topic at […]

Cyber News
  • by
  • December 3, 2024

No guarantees of payday for ransomware gang that claims to have hacked children’s hospital

Graham CLULEY December 03, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial One of Europe’s busiest hospitals is investigating if it has been hacked by a notorious ransomware gang. Alder Hey Children’s Hospital in Liverpool says it is aware that the INC Ransom group has published screenshots on the dark […]

Cyber News
  • by
  • December 3, 2024

NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise

Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. “By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high […]

Cyber News
  • by
  • December 3, 2024

North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. “Phishing emails were sent mainly through email services in Japan and Korea until early September,” South Korean cybersecurity company Genians said. “Then, […]

Cyber News
  • by
  • December 3, 2024

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads

A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access […]

Cyber News
  • by
  • December 2, 2024

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware. “SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks,” Fortinet FortiGuard Labs said in a report shared with The Hacker […]

Cyber News