Cyber Defense Advisors

Year: 2024

  • by
  • February 9, 2024

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways

Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system. “An XML external entity or XXE vulnerability in the SAML component of […]

Cyber News
  • by
  • February 9, 2024

Stealthy Zardoor Backdoor Targets Saudi Islamic Charity Organization

An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop a previously undocumented backdoor called Zardoor. Cisco Talos, which discovered the activity in May 2023, said the campaign has likely persisted since at least March 2021, adding it has identified only one compromised […]

Cyber News
  • by
  • February 8, 2024

Round 3! The toothbrush DDoS attack saga continues: Newspaper counters Fortinet’s translation claim in contentious interview

We thought it was all over… but a Swiss newspaper has come out fighting, blaming Fortinet for spreading untruths about a toothbrush botnet. Will Fortinet return for Round 4, or is this a knockout punch? 

Cyber News
  • by
  • February 8, 2024

US insurance firms sound alarm after 66,000 individuals impacted by SIM swap attack

Two US insurance companies are warning that thousands of individuals’ personal information may have been stolen after hackers compromised computer systems. Read more in my article on the Hot for Security blog. 

Cyber News
  • by
  • February 8, 2024

Surge in deepfake “Face Swap” attacks puts remote identity verification at risk

New research shows a 704% increase in deepfake “face swap” attacks from the first to the second half of 2023. Read more in my article on the Tripwire State of Security blog. 

Cyber News
  • by
  • February 8, 2024

Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade

The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam. “Volt Typhoon’s choice of […]

Cyber News
  • by
  • February 8, 2024

On Software Liabilities

Over on Lawfare, Jim Dempsey published a really interesting proposal for software liability: “Standard for Software Liability: Focus on the Product for Liability, Focus on the Process for Safe Harbor.” Section 1 of this paper sets the stage by briefly describing the problem to be solved. Section 2 canvasses the different fields of law (warranty, […]

Cyber News
  • by
  • February 8, 2024

Unified Identity – look for the meaning behind the hype!

If you’ve listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits! However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made […]

Cyber News
  • by
  • February 8, 2024

HijackLoader Evolves: Researchers Decode the Latest Evasion Methods

The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. “The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process […]

Cyber News