Cyber Defense Advisors

Year: 2024

  • by
  • November 27, 2024

NSO Group Spies on People on Behalf of Governments

The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use the spyware themselves. Now we’ve learned that that’s not true: that NSO Group employees operate the spyware on behalf of their customers. Legal documents released […]

Cyber News
  • by
  • November 27, 2024

Latest Multi-Stage Attack Scenarios with Real-World Examples

Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let’s examine real-world examples of some of the most common multi-stage attack scenarios that are active […]

Cyber News
  • by
  • November 27, 2024

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That’s according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around […]

Cyber News
  • by
  • November 27, 2024

INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled

An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent. Dubbed Serengeti, the law enforcement exercise took place between September 2 and October 31, 2024, and targeted criminals behind […]

Cyber News
  • by
  • November 27, 2024

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DDoS) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet. “This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities, deploying malware, and setting up shop kits, showcasing a do-it-all-yourself […]

Cyber News
  • by
  • November 27, 2024

Hacker in Snowflake Extortions May Be a U.S. Soldier

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long: […]

Cyber News

7 Cybersecurity Wins to Be Proud of This Thanksgiving

7 Cybersecurity Wins to Be Proud of This Thanksgiving “Individual commitment to a group effort – that is what makes a team work, a company work, a society work, a civilization work.” – Vince Lombardi Thanksgiving isn’t just about turkey, stuffing, and sidestepping awkward political debates. For CISOs, CEOs, and IT leaders, it’s also a moment to […]

Cyber Thoughts
  • by
  • November 26, 2024

The AI Fix #26: Would AI kill sentient robots, and is water wet?

In episode 26 of The AI Fix, an AI does surgery on pork chops, holographic Jesus wants your consent to use cookies, Mark opens the pod bay doors, our hosts discover OpenAI’s couch potato health coach, and Graham finds a robot made of drain pipes. Graham pits Mark against an AI in a morality quiz […]

Cyber News
  • by
  • November 26, 2024

Data leaks from websites built on Microsoft Power Pages, including 1.1 million NHS records

Graham CLULEY November 26, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial A security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals – including the leak of 1.1 million NHS employee records. It’s the latest discovery by Dublin-based security researcher […]

Cyber News