Cyber Defense Advisors

Year: 2024

  • by
  • July 9, 2024

Microsoft Patch Tuesday, July 2024 Edition

Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users. The first Microsoft zero-day this month is CVE-2024-38080, a bug in the Windows Hyper-V component […]

Cyber News
  • by
  • July 9, 2024

The AI Fix #6: AI lobotomies, and bots scam scam bots

In episode six of The AI Fix, our hosts discover an unusual place to put a traffic cone, Mark learns why Americans should pretend to be from Brazil, and Graham discovers a way to make any situation much, much worse. Graham inflicts his terrible Australian accent on Mark while explaining bot-on-bot crime, and Mark tells […]

Cyber News
  • by
  • July 9, 2024

Reverse-Engineering Ticketmaster’s Barcode System

Interesting: By reverse-engineering how Ticketmaster and AXS actually make their electronic tickets, scalpers have essentially figured out how to regenerate specific, genuine tickets that they have legally purchased from scratch onto infrastructure that they control. In doing so, they are removing the anti-scalping restrictions put on the tickets by Ticketmaster and AXS. EDITED TO ADD […]

Cyber News
  • by
  • July 9, 2024

Ransomware attack on blood-testing service puts lives in danger in South Africa

Graham CLULEY July 09, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial A ransomware attack against South Africa’s National Health Laboratory Service (NHLS) has put lives at risk and created chaos for healthcare services across the country. On June 22, the BlackSuit ransomware group hit NHLS, leaving it unable to […]

Cyber News
  • by
  • July 9, 2024

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. “The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks,” InkBridge Networks CEO Alan DeKok, who is […]

Cyber News
  • by
  • July 9, 2024

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

Cybersecurity researchers have found that it’s possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining. “Misconfigurations such as improperly set up authentication mechanisms expose the ‘/script’ endpoint to attackers,” Trend Micro’s Shubham Singh and Sunil Bharti said in a technical write-up published last week. “This […]

Cyber News
  • by
  • July 9, 2024

HUMINT: Diving Deep into the Dark Web

Discover how cybercriminals behave in Dark Web forums- what services they buy and sell, what motivates them, and even how they scam each other. Clear Web vs. Deep Web vs. Dark Web Threat intelligence professionals divide the internet into three main components: Clear Web – Web assets that can be viewed through public search engines, […]

Cyber News
  • by
  • July 9, 2024

GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel

Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool called GuardZoo. The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthi-aligned threat actor based on the application lures, command-and-control (C2) server logs, targeting footprint, and the attack […]

Cyber News
  • by
  • July 9, 2024

Cybersecurity Agencies Warn of China-linked APT40’s Rapid Exploit Adaptation

Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release. “APT40 has previously targeted organizations in various […]

Cyber News