Cyber Defense Advisors

Year: 2024

  • by
  • November 22, 2024

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer. The packages, named gptplus and claudeai-eng, were uploaded by a user named “Xeroline” in November 2023, attracting 

Cyber News
  • by
  • November 21, 2024

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio. A visual depiction of the attacks by the SMS phishing group known […]

Cyber News

Resilience is the New Hack-Proof: The Only Way to Outsmart Cybercriminals

Resilience is the New Hack-Proof: The Only Way to Outsmart Cybercriminals 5 Game-Changing Strategies to Stay Ahead of Cyber Threats The digital world isn’t just a playground—it’s a battlefield. If you want to survive—and thrive—you need more than just cybersecurity. You need cyber resilience. A groundbreaking report from the World Economic Forum and the University […]

Cyber Thoughts
  • by
  • November 21, 2024

750,000 patients’ medical records exposed after data breach at French hospital

When we think about our data being leaked onto the internet, we often picture it as our financial records, our passwords, our names and addresses… what is less often considered is the exposure of our private medical information. A French hospital has found itself in the unenviable position of learning that hackers have gained access […]

Cyber News
  • by
  • November 21, 2024

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the wild. According to statistics shared by the Shadowserver Foundation, a majority of the infections have been reported in the U.S. (554) and […]

Cyber News
  • by
  • November 21, 2024

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

The China-aligned advanced persistent threat (APT) actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and Southeast Asia. That’s according to findings from cybersecurity firm ESET based on multiple Linux samples uploaded to the VirusTotal platform from Taiwan, the Philippines, and Singapore […]

Cyber News
  • by
  • November 21, 2024

10 Most Impactful PAM Use Cases for Enhancing Organizational Security

Privileged access management (PAM) plays a pivotal role in building a strong security strategy. PAM empowers you to significantly reduce cybersecurity risks, gain tighter control over privileged access, achieve regulatory compliance, and reduce the burden on your IT team.  As an established provider of a PAM solution, we’ve witnessed firsthand how PAM transforms organizational security. […]

Cyber News
  • by
  • November 21, 2024

North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs

Threat actors with ties to the Democratic People’s Republic of Korea (DPRK) are impersonating U.S.-based software and technology consulting businesses in order to further their financial objectives as part of a broader information technology (IT) worker scheme. “Front companies, often based in China, Russia, Southeast Asia, and Africa, play a key role in masking the […]

Cyber News
  • by
  • November 21, 2024

Secret Service Tracking People’s Locations without Warrant

This feels important: The Secret Service has used a technology called Locate X which uses location data harvested from ordinary apps installed on phones. Because users agreed to an opaque terms of service page, the Secret Service believes it doesn’t need a warrant. Tags: geolocation, privacy, Secret Service, surveillance, tracking Sidebar photo of Bruce Schneier […]

Cyber News