Cyber Defense Advisors

Year: 2024

  • by
  • August 28, 2024

When Get-Out-The-Vote Efforts Look Like Phishing

Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a well-meaning but potentially counterproductive get-out-the-vote […]

Cyber News
  • by
  • August 28, 2024

Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability

Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, tracked as CVE-2024-6633, carries a CVSS score of 9.8, and stems from the use of a static password to connect to a HSQL database. “The default credentials for the setup HSQL […]

Cyber News
  • by
  • August 28, 2024

APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor

A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace. The activity has been attributed to a threat actor dubbed APT-C-60, according to cybersecurity firms ESET and DBAPPSecurity. The attacks have been found to […]

Cyber News
  • by
  • August 28, 2024

Matthew Green on Telegram’s Encryption

Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not. EDITED TO ADD (8/28): Another good explainer from Kaspersky.  

Cyber News
  • by
  • August 28, 2024

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. “The BlackByte ransomware group continues to leverage tactics, techniques, and procedures (TTPs) that have formed the foundation of its tradecraft since its inception, […]

Cyber News
  • by
  • August 28, 2024

University criticised for using Ebola outbreak lure in phishing test

Graham CLULEY August 28, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial A phishing exercise conducted by the IT department of the University of California Santa Cruz (UCSC) has backfired, after causing unnecessary panic amongst students and staff. On the morning of Sunday August 18 2024, an email was sent […]

Cyber News
  • by
  • August 28, 2024

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity. “Apache […]

Cyber News
  • by
  • August 28, 2024

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials

Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes. “By using legitimate cloud applications, attackers provide credibility to victims, helping them to trust the content it serves,” Netskope Threat […]

Cyber News
  • by
  • August 28, 2024

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution

A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances. The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024. Arising due to missing input validation […]

Cyber News