Cyber Defense Advisors

Year: 2024

  • by
  • January 30, 2024

Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws

Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. Two other shortcomings, CVE-2023-36846 and 

Cyber News
  • by
  • January 29, 2024

Buckingham Palace seeks Cybersecurity Manager to safeguard Royal Family – Get the job, get a discount on a honey dipper!

Fancy a high-profile cybersecurity job? Here’s one for you. Role: Cyber Security Manager. Location: Buckingham Palace. 

Cyber News
  • by
  • January 29, 2024

Trickbot malware developer jailed for five years

A 40-year-old Russian man has been sentenced to five years and four months in prison by a US court, for his involvement in the Trickbot gang that deployed ransomware and stole money and sensitive information from businesses around the world. Read more in my article on the Hot for Security blog. 

Cyber News
  • by
  • January 29, 2024

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager (NTLM) v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 (CVSS score: 6.5), was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. “In an email attack scenario, […]

Cyber News
  • by
  • January 29, 2024

Microsoft Executives Hacked

Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very […]

Cyber News
  • by
  • January 29, 2024

493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar

In today’s digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service (SaaS) applications. Did you know that an alarming 97% of companies face serious risks from unsecured SaaS applications?Moreover, about 20% of these organizations are struggling with internal data threats. These statistics aren’t just numbers; they’re […]

Cyber News
  • by
  • January 29, 2024

Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats

In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case […]

Cyber News
  • by
  • January 29, 2024

Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang

Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it’s being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script. “The attackers utilized the Gitea service to […]

Cyber News
  • by
  • January 29, 2024

NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. “The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ […]

Cyber News