Cyber Defense Advisors

Year: 2024

Home / News / 2024 / Page 70
  • by
  • September 26, 2024

CISA warns hackers targeting industrial systems with “unsophisticated methods” as claims made of Lebanon water hack

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that malicious hackers continue to be capable of compromising industrial control systems (ICS) and other operational technology (OT) using “unsophisticated methods” – suggesting that much more still needs to be done to secure them properly. In an advisory posted on CISA’s website yesterday, the agency […]

Cyber News
  • by
  • September 26, 2024

N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly Thallium), Sparkling Pisces, Springtail, and Velvet Chollima. “These samples enhance Sparkling Pisces’ already […]

Cyber News
  • by
  • September 26, 2024

Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar

Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That’s what dealing with security alerts can feel like. SIEM was supposed to make this easier, but somewhere along the way, it became part of the problem. Too […]

Cyber News
  • by
  • September 26, 2024

An Analysis of the EU’s Cyber Resilience Act

A good—long, complex—analysis of the EU’s new Cyber Resilience Act.  

Cyber News
  • by
  • September 26, 2024

EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don’t factor in real-world threat data, such as the likelihood of exploitation. With new vulnerabilities discovered daily, teams don’t have the time – […]

Cyber News
  • by
  • September 26, 2024

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusion set as long-running, with first signs of infection […]

Cyber News
  • by
  • September 26, 2024

Smashing Security podcast #386: The $230 million crypto handbag heist, and misinformation on social media

Two men are accused of stealing almost a quarter of a billion dollars from one person’s cryptocurrency wallet, but why on earth would they be handing out handbags to strangers? And social media comes under the spotlight once more, as we ask if you are delving into misinformation in your most private moments… All this […]

Cyber News
  • by
  • September 26, 2024

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which is also called Outrider Tiger and Fishing Elephant. “Between late 2022 to present, SloppyLemming has […]

Cyber News
  • by
  • September 26, 2024

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

Nation-state threat actors backed by Beijing broke into a “handful” of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that Microsoft tracks as Salt Typhoon, which is also known as FamousSparrow […]

Cyber News