Cyber Defense Advisors

Year: 2024

  • by
  • January 29, 2024

Trickbot malware developer jailed for five years

A 40-year-old Russian man has been sentenced to five years and four months in prison by a US court, for his involvement in the Trickbot gang that deployed ransomware and stole money and sensitive information from businesses around the world. Read more in my article on the Hot for Security blog. 

Cyber News
  • by
  • January 29, 2024

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. “In an email attack scenario, […]

Cyber News
  • by
  • January 29, 2024

Microsoft Executives Hacked

Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very […]

Cyber News
  • by
  • January 29, 2024

493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar

In today’s digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service (SaaS) applications. Did you know that an alarming 97% of companies face serious risks from unsecured SaaS applications?Moreover, about 20% of these organizations are struggling with internal data threats. These statistics aren’t just numbers; they’re […]

Cyber News
  • by
  • January 29, 2024

Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats

In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case […]

Cyber News
  • by
  • January 29, 2024

Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang

Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it’s being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script. “The attackers utilized the Gitea service to […]

Cyber News
  • by
  • January 29, 2024

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. “The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ […]

Cyber News
  • by
  • January 29, 2024

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named “WS.” “These 

Cyber News
  • by
  • January 29, 2024

Top 3 Cybersecurity Trends for SME Business Leaders

Graham Cluley Security News is sponsored this week by the folks at Cynet. Thanks to the team there for their support. As Cynet’s COO, my team and I get to work closely with risk management executives at small-to-medium enterprises (SMEs) around the world. In this piece, I’ll distill insights from our collaboration into three salient […]

Cyber News